Making this one change could eliminate spam, says police tech chief

National Crime Agency urges organisations to adopt this protocol to help put an end to email spam
Written by Danny Palmer, Senior Writer

Spam emails are often used to distribute malware.

Image: Symantec

Cybercrimes like phishing and malware distribution could almost be eradicated if organisations took one simple step to actively fight against it, a senior member of the UK's organised crime fighting operation has claimed.

That step, says Paul Edmunds, Head of Technology at the National Crime Agency (NCA) National CyberCrime Unit, is the adoption of an "active defence" technique which would have a "significant impact" on a lot of low level cybercriminal activity.

"Active defence is about fixing the gaps that we currently have in the internet infrastructure which enables cybercrime," he said, speaking at Cloud Security Expo in London.

Noting how despite being a simple form of cybercrime, spam continues to be a nuisance - delivering the likes of malware, ransomware and phishing emails - to organisations of every size, Edmunds argued that there are "practical steps" which could be taken in order to almost completely block these campaigns.

One of those is the use of DMARC "Domain-based Message Authentication, Reporting & Conformance - and email authentication protocol which enables users to determine what a legitimate email is and what's spam, complete with a reporting function for ongoing improvement and protection. However, a recent survey found it isn't widely used.

Nonetheless, Edmunds argued, if DMARC was rolled out everywhere in order to verify if messages come from legitimate domains, it would be a major blow to spam distributors and take a big step towards protecting organisations from this type of crime.

"If everyone used that, actually the spam problem would not only be significantly reduced, it'd probably almost go away," he said.

However, according to a recent survey by the Global Cyber Alliance, DMARC isn't widely used and only 15 percent of cybersecurity vendors themselves are using DMARC to prevent email spoofing.
"DMARC is not nearly broadly deployed as it could be" said Philip Reitinger, president and CEO of the Global Cyber Alliance

One aspect which can put organisations off deploying it is that if DMARC isn't implemented properly - and it can be tricky to implement, especially for smaller organisations without security expertise - it can prevent email being delivered in the first place.

The National Crime Agency, the National Cyber Security Centre outlined some of the biggest threats to UK businesses in a report released to coincide with this week's CYBER UK conference in Liverpool - and malware was on the list.

"Malware authors will continue to exploit them to mount attacks and will continue working to find fresh vulnerabilities, the report says.

It cites the likes of cyberattacks exploiting the insecurity of the Internet of Things, hackers attempting to compromise industrial connected devices and the increasing scourge of ransomware as some of the threats cybersecurity professionals must be able to deal with.


Editorial standards