OryxLabs, a leading United Arab Emirates (UAE) cybersecurity firm providing Internet-scale platforms for monitoring and protection, has published a report that assigns an Email Authentication Deployment Score (EADS) at a national level in the UAE for the first time. This rating is based on actual network data that was collected, processed, and analysed to give an accurate, on-the-ground account of the state of email authentication in the country.
The research paper, titled State of the Nation – Email Authentication in the UAE, is based on data drawn from over one million domains utilising the .AE extension. From that set, 134,000 domain names used for email exchanges in the UAE were selected for further analysis. The report utilised over 4 million Domain Name System (DNS) queries with more than 40 evaluation parameters per domain and an analysis of 5 million data points to paint the final picture of email security.
The score is based on the implementation or lack thereof of three fundamental and complementary email security protocols: Sender Policy Framework (SPF); Domain Keys Identified Mail (DKIM); and Domain-based Message Authentication, Reporting, and Conformance (DMARC). Working together, these protocols help ensure emails purporting to be from an organisation actually come from the organisation and that they have not been tampered with in transit.
Commenting on the publication of the pioneering new report, Sumit Dhar, CEO of OryxLabs said, “This really is a fundamental paper. Email-based attacks are the most common way for hackers to target an organisation, and this popularity is in part due to the relative ease of execution and high efficiency of such attacks. Attackers can easily pretend to be a trusted party and trick the victim into actions detrimental to his/her organisation.”
Dr. Rudy Guyonneau, Director of Research at OryxLabs and the Lead Author of the report added, “This report, in bold factual numbers, for the first time provides a score sheet on the implementation of email authentication. It references the financial and reputational cost of email breaches to firms; and highlights proposed areas and methods of improvement for email authentication”.
Email-based attacks are extremely popular within the cybercriminal arsenal. From low-level, opportunistic scammers, to nation state-backed groups, the usage of such attacks continues to grow. Cyber attackers and scammers leverage surprise and psychological techniques to mislead employees into interacting with malicious emails, driving them to take actions they would not ordinarily. This may result in malware infections, business email compromise, or even the theft of credentials.
A report from IBM – Cost of Data Breach 2021 – estimates the average total cost of a single data breach caused by phishing, including business email compromises, at US$ 5 million, while Cisco’s 2021 Cyber Security Threat Trends estimates that 86% of organisations surveyed had at least one user attempt to connect to a phishing site.
The overall absolute EADS score for the UAE is on-par or slightly higher than scores observed worldwide. That said, efforts are required across the board to enhance the state of email protection. A deep dive of the report’s results provides visibility into the actions that need to be taken for an efficient improvement of the situation.
Observations include the fact that while SPF can be easily implemented it remains at a relatively low deployment score. The implementation of DKIM for the UAE is surprisingly high for the oft-overlooked protocol, and DMARC is neglected by most organisations and would be a strong factor of improvement.
On a positive note, email authentication is easy to implement relative to the protection it provides. As such, it is strongly advised that SPF, DKIM, and DMARC be deployed efficiently across all organisations and prioritised at critical ones that have not implemented it yet.