Written by Geir Inge Jensen, IT Operations Manager | 06 May 2019
Stay up to date!
* By subscribing to the latest news from our blog, you consent to us storing your email address, and sending you monthly emails. You can, at any time, retract this consent.
Email communication between ship and shore is a vital part of a ship’s operation. It is also a source of constant threats, as email is the number one vector for sophisticated threats that are targeting your vessels.
All it takes is just one crew member to click on a link in an infected email to compromise the network.
Basic vs. enterprise-grade email protection
While there are best practices for safe email transfer, such as emailing as zip or encrypted file when necessary, avoiding using generic email addresses and ensuring the system has configured user accounts, the only way to properly secure email traffic on your ships is by implementing advanced email protection.
But doesn’t an email filtering mechanism already exist on most email platforms today? Yes, it does – but basic email filters do not have the complexity to stay ahead of email-borne threats, which are becoming more and more sophisticated literally by the minute.
During an era in which the volume of unsolicited emails and phishing attempts is only going to increase, you can no longer rely on ‘basic’ to ensure emails do not represent a threat to your onboard cybersecurity.
You need a multi-layered approach to email threat protection, and this can only be ensured using an enterprise-grade email security service.
But what do you need to look for in such a system, to accurately evaluate the best one for your fleet? Let’s look at six minimum requirements of an advanced maritime email security system.
1. Block spoofed domain names
You want an email security system that checks for emails from domains that do not exist, or for spoofed emails from valid domains.
Email spoofing is a form of cyber attack where email messages are created with a forged sender address, usually to fool the recipient into providing money or sensitive information. A typical scenario is where an attacker sends an email pretending to be the CEO of a company, to try to get an employee in accounting or finance to pay an invoice or authorise wire transfers.
In an advanced email security system, legitimate emails are authenticated against SPF records (Sender Policy Framework) and DKIM (Domain Keys Identified Mail) standards. The system can block emails that appear to come from domains controlled by these records unless they align correctly.
2. Block phishing attempts
Phishing is a type of cyber attack that attempts to trick the email recipient into believing that the message is something they want or need – a request from their bank, for instance, or a note from someone in their company – and to click a link or download an attachment.
One of the most common threats to businesses today, both onshore and offshore, phishing leads to credential theft, unauthorised access to sensitive systems, and sensitive data breaches.
A professional email security system needs to provide the following features:
Link analysis (does the link point to what is expressed in the email?)
Is the sender included in the safe sender lists?
Cloud reputation of content lookup
Analysis of content
3. Block malware using multiple virus scanners
To keep your vessels safe from all the advanced threats emerging almost daily, the email security system that you choose must offer multi-layered protection, using multiple scanners.
Combining multiple anti-malware engines, where each scanner specialises in different virus categories, ensures continuously updated scanners and optimal malware detection rates.
4. Block malicious attachments
Malicious email attachments represent a common threat. Cyber attackers attach files to an email that can install malware capable of accessing computers and network systems, potentially destroying or stealing business-critical data. Such attachments are typically sent along with email content that is sufficiently convincing to fool the recipient.
Your email security system should be able to:
Identify macros and executables
Verify whether the filename corresponds with the actual file type
Check even compressed files and archives
5. Detect and block spam
Although email spam is more nuisance than menace, it needs to be detected and blocked. Links in spam emails may lead users to websites with malware and phishing schemes, which can access and disrupt the receiver’s computer system.
An effective spam filtering email system must provide the following capabilities:
Comprehensive content analysis
Cloud reputation lookups
Machine learning (reputation of the sender)
Email spam score, blocking high scores
6. Link click protection
Any advanced email security system should offer link click protection.
Link click protection prevents users from opening malicious links by checking each link against URL reputation databases. If the link is unsafe, users are alerted immediately. Attachments are quarantined until proven safe, preventing viruses and malware from disrupting your vessels’ networks.
Email is a source of constant threats targeting your vessels. By implementing a comprehensive cybersecurity service that stops malware and unwanted traffic, email is effectively secured across your fleet.
Select an enterprise-grade email security system that detects and blocks...
spoofed domain names
malware (using multiple virus scanners)
Such a system should also provide link click protection.
Written by Geir Inge Jensen, IT Operations Manager
Geir Inge Jensen is the IT Operations Manager at Dualog. Adding over 20 years of experience in network design and cyber security, Geir Inge is passionate about developing solutions and services that help shipping companies create a more cyber-resilient environment onboard their vessels. When he is not fighting maritime cybercrime, you can find him in the mountains enjoying the great outdoors with his camera in hand.