Written by Geir Inge | 06 May 2019
Email communication between ship and shore is a vital part of a ship’s operation. It is also a source of constant threats, as email is the number one vector for sophisticated threats that are targeting your vessels.
All it takes is just one crew member to click on a link in an infected email to compromise the network.
While there are best practices for safe email transfer, such as emailing as zip or encrypted file when necessary, avoiding using generic email addresses and ensuring the system has configured user accounts, the only way to properly secure email traffic on your ships is by implementing advanced email protection.
But doesn’t an email filtering mechanism already exist on most email platforms today? Yes, it does – but basic email filters do not have the complexity to stay ahead of email-borne threats, which are becoming more and more sophisticated literally by the minute.
During an era in which the volume of unsolicited emails and phishing attempts is only going to increase, you can no longer rely on ‘basic’ to ensure emails do not represent a threat to your onboard cybersecurity.
You need a multi-layered approach to email threat protection, and this can only be ensured using an enterprise-grade email security service.
But what do you need to look for in such a system, to accurately evaluate the best one for your fleet? Let’s look at six minimum requirements of an advanced maritime email security system.
You want an email security system that checks for emails from domains that do not exist, or for spoofed emails from valid domains.
Email spoofing is a form of cyber attack where email messages are created with a forged sender address, usually to fool the recipient into providing money or sensitive information. A typical scenario is where an attacker sends an email pretending to be the CEO of a company, to try to get an employee in accounting or finance to pay an invoice or authorise wire transfers.
In an advanced email security system, legitimate emails are authenticated against SPF records (Sender Policy Framework) and DKIM (Domain Keys Identified Mail) standards. The system can block emails that appear to come from domains controlled by these records unless they align correctly.
Phishing is a type of cyber attack that attempts to trick the email recipient into believing that the message is something they want or need – a request from their bank, for instance, or a note from someone in their company – and to click a link or download an attachment.
One of the most common threats to businesses today, both onshore and offshore, phishing leads to credential theft, unauthorised access to sensitive systems, and sensitive data breaches.
A professional email security system needs to provide the following features:
To keep your vessels safe from all the advanced threats emerging almost daily, the email security system that you choose must offer multi-layered protection, using multiple scanners.
Combining multiple anti-malware engines, where each scanner specialises in different virus categories, ensures continuously updated scanners and optimal malware detection rates.
Malicious email attachments represent a common threat. Cyber attackers attach files to an email that can install malware capable of accessing computers and network systems, potentially destroying or stealing business-critical data. Such attachments are typically sent along with email content that is sufficiently convincing to fool the recipient.
Your email security system should be able to:
Although email spam is more nuisance than menace, it needs to be detected and blocked. Links in spam emails may lead users to websites with malware and phishing schemes, which can access and disrupt the receiver’s computer system.
An effective spam filtering email system must provide the following capabilities:
Any advanced email security system should offer link click protection.
Link click protection prevents users from opening malicious links by checking each link against URL reputation databases. If the link is unsafe, users are alerted immediately. Attachments are quarantined until proven safe, preventing viruses and malware from disrupting your vessels’ networks.
Email is a source of constant threats targeting your vessels. By implementing a comprehensive cybersecurity service that stops malware and unwanted traffic, email is effectively secured across your fleet.
Select an enterprise-grade email security system that detects and blocks...
Such a system should also provide link click protection.
Geir Inge Jensen is the IT Operations Manager at Dualog. Adding over 20 years of experience in network design and cyber security, Geir Inge is passionate about developing solutions and services that help shipping companies create a more cyber-resilient environment onboard their vessels. When he is not fighting maritime cybercrime, you can find him in the mountains enjoying the great outdoors with his camera in hand.