Following the news that Japan’s largest travel agency JTB Corp having 7.93 million passport details, home and email addresses stolen by hackers, Guy Bunker, Senior Vice President at Clearswift commented below.
Guy Bunker, Senior Vice President at Clearswift:
“While the company can’t blame the employee for opening the email, the company is itself to blame and cannot shirk its responsibility. The increasing use of embedded malware in innocuous looking documents is not something which can be glossed over – there have been many incidents recently, especially with ransomware and in the healthcare sector. There is a need for businesses to look for solutions to mitigate this issue today, rather than waiting to be attacked. There are a number of potential solutions out there with structural sanitization and sandboxing being the two front runners.
“Sandboxing is an old style solution, and as such is more expensive to implement and run than sanitization. Structural sanitisation automatically removes embedded active content from documents, removing the threat but not delaying delivery of the email and/or content so using this as part of a Data Loss Prevention Solutions for email and for the web is important here. As this problem is not just related to emails with attached documents but also with documents which are downloaded from the web, where reputable sites, especially cloud collaboration sites are being used to dupe users into downloading the malware infected documents.
“Organisations owe it to their employees and their customers to protect themselves against these types of attacks, and do it today not wait until they fall victim themselves.”