IPv6 calls for relook at spam filtering
The migration to IPv6 calls for a paradigm shift in mindset for spam protection, according to an industry expert.
Manish Goel, CEO of TrustSphere, told ZDNet Asia in a phone interview that the current way of "blocking" bad e-mail traffic will not work in the new IPv6 network, as the world encounters an explosion of IP addresses. Formerly known as BoxSentry, TrustSphere specializes in e-mail authentication for enterprises.
"In the IPv4 world, you can easily categorize bad IP, but going forward, trying to block all the bad IP will almost be impossible," Goel said, pointing out that solution providers have to start to think about how spam filtering can work in future.
"You have to start letting in good e-mail messages then block the rest, as opposed to what's happening now--block all e-mail messages, then look for the good ones," he added.
Goel explained that since Asia-Pacific countries are among the first to switch on IPv6 services, governments and enterprises in the region will have to be prepared when the transformation happens.
Social engineering a growing concern
The founder of TrustSphere also revealed that top IT executives have approached the company following spear-phishing or targeted e-mail attacks in their organizations. Such attacks, also known as "whaling", have seen an increase in recent months, the most widely-publicized being the RSA attack announced in March.
"Cybercriminals are not using spam as the conventional filter service is getting too strong...they are turning to socially-engineered e-mail messages to directtargeted attacks at top executives, or the 'whales'," the executive noted.
Goel explained that while human education and diligence is important, users typically do not have the time or patience to understand e-mail protocols and hence become victims of such attacks.
To this end, the company's offering does not label e-mail messages as bad or good, but instead learns about the common correspondence between two parties, and highlight such "good" e-mail messages to the recipient, he said. That way, users can differentiate the "good" e-mail messages from the somewhat dodgy ones.
This ability to understand e-mail traffic, is also not distracted by the complex and multiple server environment that is commonly associated with governments and large organizations, he added.
"Because of the easy instructions the solution presents, we're able to mitigate a large chunk of risks associated with spear-phishing," noted Goel.
Apart from enterprises, a "fair number" of government agencies around the region have also expressed their need for better e-mail management and protection, with a few having actually fallen prey to spear-phishing attacks, the executive said.
Govt use of free Web mail "unacceptable"
While some governments in the region are actively working to prevent spear-phishing attacks, a few are using free Web-based e-mail for official communications, which is "completely unacceptable", Goel noted.
"It not only puts the government at risk [of] a significant amount of data leakage, servers and sensitive information can also be hacked," he warned.
According to Goel, government agencies in Malaysia, Indonesia and India are among those still using free Web-based e-mail for official communications.
The government of India, in particular, has come under public scrutiny for shunning its official e-mail service because the log-in requires civil servants to do so via a computer, which most of them have no access to, Bloomberg reported last month. Like the rest of the nation, the majority of civil servants retrieves and sends e-mail messages through mobile phones, but only senior government officials can access the government e-mail system via smartphones.
By not using official e-mail systems, the chain of important communication may also be disrupted by "false positives", where e-mail messages are treated as junk or spam, Goel said.