Nearly six in 10 UK office workers usually open email attachments from unknown senders, according to a survey of 1,000 employees by UK-based cyber security firm Glasswall Solutions.
Despite the widely publicised growing threat from social engineering, where hackers create emails that look as if they have come from someone the recipient knows, 83% admitted always or usually opening attachments if they appear to be from a known contact.
A combination of inadequate threat awareness, poor work practices and out-of-date technology is leaving even the most dynamic businesses wide open to breaches and ransomware attacks through documents carrying malicious exploits hidden inside common file-types, according to the survey report.
“Employees need to trust their emails to get on with their work, but with 94% of targeted cyber attacks now beginning with malicious code hidden in an email attachment, the security of major businesses should no longer be the responsibility of individual office-workers,” said Greg Sim, CEO, Glasswall Solutions.
“Conventional antivirus and sandboxing solutions are no longer effective and relying on the vigilance of employees clearly leaves a business open to devastating cyber attacks that will siphon off precious data or hold the business to ransom.”
The survey revealed the scale of the risk, with 76% acknowledging that they have received email attachments that were suspicious, but only 16% saying they think cyber attack is their concern.
“This research confirms anecdotal evidence that although security awareness campaigns have their place, all too often they fail to equip workers with effective strategies for protecting data and systems,” said Andrew Martin, professor and cyber security expert at the University of Oxford.
“Technology that is fit for purpose reduces risks without placing added burdens on those simply trying to do their jobs,” he said.
The survey revealed that employees often feel vulnerable, with 58% of respondents saying they would feel safer if their employer had the right technology to protect them. One in five said the business they work for has no policy on how to handle email attachments, or they have not been made aware of it.
Untrained office workers face thousands of security decisions
The results also show how UK office workers are faced with thousands of decisions about cyber security. More than half of those surveyed (55%) said they sent or received at least 11 documents via email every working day, meaning there are 2,585 potentially malicious files in circulation from a single employee each year.
“Instead of relying on a failed combination of outdated antivirus defences and the vigilance of their hard-pressed employees to protect them, businesses need innovative technology that stops all the threats in email attachments before they enter a network,” said Sim.
“Zero-day attacks have massively increased and most employees will never know they have been responsible for a catastrophic breach because the malware they are responsible for admitting may be triggered weeks after they clicked on an attachment.
“But there is no excuse for complacency or defeatism – businesses need to implement the right technology and formulate an effective risk-policy in relation to email attachments. That way they will be back in control, instead of becoming yet another expensive, high-profile victim of hacking.”
Malicious email-borne attachments are also used in phishing attacks aimed at stealing credentials to gain unhindered access to corporate networks. The latest Verizon data breach incident report reveals that phishing was present in 21% of all security incidents in the past year, up from just 8% the year before. The data shows that 7.3% of phishing attacks were successful, resulting in the victim clicking on a link or email attachment sent by cyber criminals.
To tackle email-borne cyber threats, Glasswall has developed software to detect when popular document formats have been manipulated to hide malware.
Glasswall’s approach is to focus on the known good and use a policy-driven approach to take employees out of the firing line by not relying on them to identify document-related risks.
The software works by breaking attached document files down to byte level, searching only for “known good” and matching the file structures against manufacturers’ file format standards to pass on to users only clean, regenerated files.
The software also significantly reduces the risk of ransomware attacks, which are mostly delivered through malicious email attachments and links that Glasswall is designed to strip out before they reach employees.
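The "known good" idea described above (validate a file's structure against its format specification and pass on only a regenerated copy) can be sketched on a single format. This is an added example, not Glasswall's software or code from the article; the choice of PNG, the chunk allowlist and the sample file are assumptions made for illustration.

```python
import struct
import zlib

PNG_SIG = b"\x89PNG\r\n\x1a\n"
# Allowlist (assumed for this example): chunk types the rebuilt file may
# contain. Anything else is dropped rather than scanned for "known bad".
KNOWN_GOOD = {b"IHDR", b"PLTE", b"IDAT", b"IEND", b"tRNS", b"gAMA", b"pHYs"}


def chunk(ctype, body):
    """Serialise one PNG chunk with a freshly computed CRC."""
    crc = zlib.crc32(ctype + body) & 0xFFFFFFFF
    return struct.pack(">I", len(body)) + ctype + body + struct.pack(">I", crc)


def regenerate(data):
    """Return (clean_bytes, dropped_chunk_types); raise ValueError if malformed."""
    if not data.startswith(PNG_SIG):
        raise ValueError("bad signature")
    pos, out, dropped, seen = len(PNG_SIG), [PNG_SIG], [], []
    while pos < len(data):
        if pos + 8 > len(data):
            raise ValueError("truncated chunk header")
        length, ctype = struct.unpack(">I4s", data[pos:pos + 8])
        if pos == len(PNG_SIG) and (ctype != b"IHDR" or length != 13):
            raise ValueError("first chunk must be a 13-byte IHDR")
        end = pos + 12 + length
        if end > len(data):
            raise ValueError("chunk length exceeds file")
        body = data[pos + 8:pos + 8 + length]
        (crc,) = struct.unpack(">I", data[end - 4:end])
        if crc != zlib.crc32(ctype + body) & 0xFFFFFFFF:
            raise ValueError("CRC mismatch in %r" % ctype)
        pos = end
        if ctype in KNOWN_GOOD:
            out.append(chunk(ctype, body))  # rebuilt, not copied verbatim
            seen.append(ctype)
        else:
            dropped.append(ctype)
        if ctype == b"IEND":
            break  # bytes after IEND are never carried over
    if seen[-1:] != [b"IEND"] or b"IDAT" not in seen:
        raise ValueError("required structure missing")
    return b"".join(out), dropped


# Constructed sample: 1x1 greyscale PNG with an extra text chunk and
# bytes appended after IEND.
_ihdr = struct.pack(">IIBBBBB", 1, 1, 8, 0, 0, 0, 0)
SAMPLE = (PNG_SIG + chunk(b"IHDR", _ihdr)
          + chunk(b"tEXt", b"Comment\x00constructed")
          + chunk(b"IDAT", zlib.compress(b"\x00\x00"))
          + chunk(b"IEND", b"") + b"APPENDED-DATA")
```

Files that fail any structural check are rejected outright, which is the policy decision the article attributes to the tool rather than to the employee.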