Email is still the workhorse communication channel for modern businesses, and shipping is no exception. For modern shipping companies, email is the primary platform for exchanging business-critical information between ship and shore. 

As discussed in our previous blog article, email also continues to be one of the primary approaches cyber attackers are using to exploit shipping companies and gain access to confidential data. According to Verizon’s 2019 Data Breach Investigations Report…

• 94% of detected malware was delivered via malicious email attachments
• Email phishing is the number one type of threat action in breaches

• 45% of malware was delivered by email attachments containing common Microsoft Office documents

These numbers tell us that your ships’ networks are one click away from being compromised.

How do you keep all email traffic to and from your ships protected from current email-borne threats and attacks? Training and awareness are essential, but it is not enough. You need a multilayered approach to email threat protection that includes scans by multiple antivirus engines, several anti-spam scoring mechanisms and phishing checks based on comprehensive and up-to-date lists to name a few of the tools that should be in place. 

Basic email protection doesn’t cut it

Most email platforms today offer an email filtering mechanism. However, basic email filters do not have the complexity to stay ahead of modern-day threats such as the Emotet malware. 

Unsolicited emails and phishing attempts are not going away. On the contrary, they are only going to increase in number and complexity. Thus, you cannot rely on ‘basic’ mitigation measures to ensure future emails do not represent a threat to your onboard cybersecurity.

What to look for in a multilayered email security system

To help you select the right email solution for your fleet, let’s look at six minimum requirements of an advanced maritime email security system.

1. Block spoofed domain names

You want an email security system that checks for emails from domains that do not exist, or for spoofed emails from valid domains.

Email spoofing is a form of cyber attack where email messages are created with a forged sender address, usually to fool the recipient into providing money or sensitive information. A typical scenario is when an attacker sends an email pretending to be the CEO of a company to get an employee in accounting or finance to pay an invoice or authorise wire transfers.

In an advanced email security system, legitimate emails are authenticated against SPF records (Sender Policy Framework) and DKIM (Domain Keys Identified Mail) standards. The system can block emails that appear to come from domains controlled by these records unless they align correctly.

2. Block phishing attempts

Phishing is a type of cyber attack that attempts to trick the email recipient into believing that the message is something they want or need – a request from their bank, for instance, or a note from someone in their company – and to click a link or download an attachment.

One of the most common threats to businesses today, both onshore and offshore, phishing leads to credential theft, unauthorised access to sensitive systems, and sensitive data breaches. 

A maritime-optimised email security system needs to provide the following features:

• Link analysis (does the link point to what is expressed in the email?)
• Is the sender included in the safe sender lists?
• Cloud reputation of content lookup
• Analysis of content

3. Block malware by using multiple virus scanners

To keep your vessels safe from all the advanced threats emerging almost daily, the email security system that you choose must offer multi-layered protection, using multiple scanners.

Combining multiple anti-malware engines, where each scanner specialises in different virus categories, ensures continuously updated scanners and optimal malware detection rates.

Read more: How Dualog® Business Mail secures your fleet email

4. Block malicious attachments

Malicious email attachments represent a common threat. Cyber attackers attach files to an email that can install malware capable of accessing computers and network systems, potentially destroying or stealing business-critical data. Such attachments are typically sent along with email content that is sufficiently convincing to fool the recipient.

Your email security system should be able to:

• Identify macros and executables
• Verify whether the filename corresponds with the actual file type
• Check even compressed files and archives

5. Detect and block spam

Although email spam is more nuisance than menace, it needs to be detected and blocked. Links in spam emails may lead users to websites with malware and phishing schemes, which can access and disrupt the receiver’s computer system. Also, on satellite networks, the sheer data volume of spam translates to unnecessary bandwidth consumption and, therefore, might represent a substantial cost.

An effective spam filtering email system must provide the following capabilities:

• Comprehensive content analysis
• Cloud reputation lookups
• Machine learning (reputation of the sender)
• Email spam score, blocking high scores

6. Link click protection

Any advanced email security system should offer link click protection.

Link click protection prevents users from opening malicious links, by checking each link against URL reputation databases. If the link is unsafe, users are alerted immediately. Attachments are quarantined until proven safe, preventing viruses and malware from disrupting your vessels’ networks.

Summary

The only way to effectively secure email traffic across your fleet is to implement advanced email protection. 

Select a maritime-optimised email security system that detects and blocks...

• spoofed domain names
• phishing attempts
• malware (using multiple virus scanners)
• malicious attachments
• spam
• such a system should also provide link click protection