Computer Emergency Response Team Coordination Center in order to reduce security risks, strategies for reducing the damaging effects of emails that described can be exchanged among users. According to this teaching posts Today, e-mail is exchanged high among Internet users. These emails can contain attachments as well. These emails can contain attachmen-ts as well. Because of the high number of emails, Have attracted the attention of online malice. you should Reduce Damaging Effects of Emails from any bad attachment.
Experts in the field of security research, a large number of emails containing malicious attachments or embedded links have identified that in most cases have been targeted against organizations. The report by the ASD and to provide a solution to reduce security risks created by the malicious emails have been collected.
Center for Computer Emergency Response Team Coordination Center (skilled) with the release of the report: The report provided a number of strategies to mitigate such risks. It is noteworthy that the solution presented in this report is not necessarily appropriate for all organizations And organizations should consider their risk environment and business requirements, a solution to decrease your choice.
6 way to Reduce Damaging Effects of Electronic Email
In this post, you will learn 6 way to reduce damaging effects of electronic post (Emails). in the above description, i have given some explain to reduce damaging effect email. So, now it’s time to explain 6 way to decrees risk effect of electronic post (Email).
One of the security risks is in the attachments in emails. Filter attachment, malicious contents on the user’s system likely to receive reduced as well. About malicious attachments reduction strategies, including excellent security effectiveness and also, become attached to that Have a great impact on security. Attachments format to another format conversion is a significant influence on the removal of malicious contents. For example, one of these converter, convert Microsoft Office files to PDF format is.
In this list to determine what kind of file, instead of taking the file, the file is investigated. The types of files that allow business objectives and acceptable risk profile for the organization, they can be whitelisted. our recommendations is whitelist rather then the blacklist, because the list of all acceptable forms that can be received by e-mail are determined.
If the file type is determined based on its contents, with the extension of the conflict, the item should be considered as a suspected case.
#3. Block Attachments undetectable, or encrypted
Unrecognizable or encrypted attachments are not trustworthy, because it can not decry-pt the contents of e-mail and studied. Each attachment is encrypted until it is deemed safe, it should be blocked.
#4. Automated dynamic analysis to attach to their implementation in a sandbox
Dynamic analysis has the ability to detect behavioral characteristics. So in a sandbox can automatically perform a dynamic analysis of suspicious behavior in network traffic, new or changed files or changes in the Windows registry to identify.
#5. Remove potentially dangerous attachments or active content
The use of macros in Microsoft Office documents is greatly increased. Therefore, it is advisable to disable all macros organizations, their programs are configured by default and only trusted macros are usually written by people with access to review.
It should be noted that a malicious file could be formed with other authorized files to an archive file and the destination. To detect this malicious file, the recipient must decompress archive files, and all files in it to allow a malicious comment or review.
Check archive files need to be controlled so that the reviewer has nested surveys or service mode is prohibited. For example, examine the contents of an e-mail that contains a text file. This file gigabyte archive is only empty space, Occupies significant processing resources.
Another example, files are nested archives. If an archive file is composed of 16 other archive files as well as any of the new archive files consist of 16 other archive file And this will continue until 6 level, reviewer contents of the e-mail should be about a million files to check. In this case, set the expiration time for the CPU, memory and disk make up most of the time determined if the work continues, it will be canceled and returned to the system resources.
Removing files from the archive file are decompressed and until all files are created, continues. A malicious archive files can easily be added to the end of an image file is allowed and not allowed on the receiver to scan file photo, has been received. So you need to decompress all attachments and files created are carefully checked.Tagged with: