CybersecurityE-mail security is better than it was, but far from perfect

Phishing remains a successful method to breach security // Source: illinois.edu

E-mail security helps protect some of our most sensitive data: password recovery confirmations, financial data, confidential correspondences, and more. According to a new report, published by Associate Professor Michael Bailey of the University of Illinois’ Coordinated Science Lab (CSL) in collaboration with colleagues at the University of Michigan and Google, e-mail security is significantly better than it was two years ago, but still has widespread issues.

The networking protocols that underlie today’s Internet were not originally built to be secure — it was only years later that security protocols were “bolted on” to the existing systems. However, despite there being measures in place to solve these security issues, each individual e-mail server has the choice whether to adopt these protocols. E-mail security in the past two years has improved because companies like Google now use these protocols, but there are many other servers that do not.

“Much of the measurement work done in my lab is focused on how we can incentivize an individual or an organization to make a right decision — to adopt these security protocols,” said Bailey, a member of the ECE Illinois faculty. “A lot of the interesting work in security goes beyond not only modeling the technology, but modeling the organizations that use that technology and how they choose to use it.”

U. of I. reports that in addition to measuring the adoption of e-mail security protocols at scale, Bailey and his team also highlighted some of the implications of “bolted on security” in today’s e-mail. For example, because the protocols that govern e-mail-server-to-e-mail-server communication were originally not designed to support encryption, a command called STARTTLS was later added that allowed two email servers to negotiate a secure connection. However, because this command can only be issued after two e-mail servers begin communicating in an insecure fashion, an attacker can corrupt the STARTTLS command, forcing the e-mail exchange to continue without encryption.

“We found that there’s a significant number of e-mail exchanges in which there’s an adversary between two mail servers who’s trying to intentionally downgrade the communication,” said Bailey. “For example, pretty much every e-mail server in Tunisia is not safe. In other countries, like Iraq and Nepal, it’s close to 1 in 4 servers that are actively being downgraded.”

While the report provides encouraging news that e-mail security continues to strengthen, the report also serves to remind users that it remains important to understand the limits of privacy in e-mail and on the Internet as a whole.

“I work under the assumption that any e-mail I send without special care has an Internet-wide distribution list,” says Bailey. “If you want to send a secure e-mail, you must either trust every computer and network your e-mail traverses, or make sure that the e-mail contents are encrypted before it ever leaves your computer.”

— Read more in Zakir Durumeric et al., “Neither Snow Nor Rain Nor MITM … An Empirical Analysis of Email Delivery Security” (paper presented at IMC”15, Tokyo, Japan, 28-30 October 2015) (DOI: http://dx.doi.org/10.1145/2815675.2815695)