January 21, 2022

It’s all fine… until it’s not

Insurance: we all know we need it, but no one actually wants it or wants to pay for it. Ransomware attacks have risen massively over the past few years, and 2022 kicked off with an email service provider being taken down along with its customers (Telcos and ISPs). How could this happen, and what can you do about it when and if it does?

Start from the baseline that we all should know about: software is only secure if it is up to date. This goes beyond the application, though, and applies to everything in the stack: the VM hypervisor, operating system, network infrastructure, firewalls, proxies, load balancers, storage devices, databases and more.

One of the major issues with consumer email platforms is that they have traditionally been given away as a value-added service, often many years ago, as part of an ISP subscription to attract new customers. Over time both the consumer and the provider began to devalue the “free” service. Consumers came to expect it, and Telcos just saw mounting costs with no real return. This led to little to no investment in email unless new technology could deliver cost savings, causing many email platforms to become out of date with no one ready to stand up and take responsibility for the ongoing management and security of the platform.

It really was only a matter of time before the bad guys worked out that hacking an email service provider gave them the keys to tens of thousands of email accounts, which obviously has a much higher value and rate of return than hacking individual email accounts. With the well-trodden path of hack, encrypt and then ask for a ransom, this has to be a growing market that Telcos and ISPs all over the world should be looking at very carefully.

The irony of this perceived lack of value is that consumers value their email VERY MUCH. It has become a repository of memories, connections, friendships, passwords, receipts, and more. Consumers have been conditioned over many years not to want to pay for the service, but it is still in many ways a part of their digital identity and a record of their journey through life. If you aren’t convinced, search for email service disruptions and read about the devastating consequences they can have on the individuals, families and small businesses affected. Like the title of this article says, it’s all fine… until it’s not.

Over two decades ago Atmail started providing software to Telcos and internet service providers (ISPs), who installed our software and ran it on their own in-house servers. Some customers updated our software when we notified them, while others did not, reasoning that it’s not broken so it must be fine. It’s just email. The same was true of the underlying servers, switches and databases, increasing the attack surface even further. A ticking time bomb.

About a decade ago we decided to do something about this security issue by hosting our software. The idea was that Telcos and ISPs who were over hosting email could give it to us and trust it would be looked after, so they could get on with doing things that they cared more about. This was our first experience of providing a service along with our software, long before Software as a Service (SaaS) was a common thing. White label carrier grade hosted email was officially live. Truthfully it was a rudimentary service, but most importantly our software and the underlying infrastructure were patched as required to keep them secured for our customers.

As the years rolled on, we decided to take the SaaS journey one step further and invest in a ground-up rewrite to reimagine the Atmail email platform as a native cloud hosted service with multiple availability zones, multiple levels and layers of security, massive scalability, true multi-tenancy to support multiple domains, and so on. We chose to build and run our software on Amazon Web Services (AWS) as the clear leader in cloud computing. Today we are a strategic Independent Software Vendor (ISV) partner of AWS and are very satisfied (as are our customers) that our service, along with the underlying infrastructure, is all up to date and that best practice security lives in every component of the service. It is supported by teams of experts and multiple technology layers constantly monitoring the service, along with regular penetration testing by both external parties and online services, and regular security training and drills. We even ask to be hacked via our bug bounty program. To date we have paid out tens of thousands of dollars to many security professionals to help protect our platform from the unknown unknowns.

While we are doing all we can to prevent an incident, we aren’t naïve enough to think that makes us immune. We simulate attacks and practice our recovery, testing that the systems, staff and processes are as good as they can be. Outages that last days are simply not acceptable. The only way any software or service can reduce the risk of a security breach is to be current. The internet by design is a moving target, and with it so are the vulnerabilities that are found each day.

If your customers’ data (their emails) is important to you as a business and you want to mitigate the risk of reputational damage, as has occurred with the serious multi-day outage affecting multiple customers and tens of thousands of mailboxes, please reach out for a chat.

Quality secured cloud hosting is not cheap, and as such we are not the cheapest, nor do we wish to be. But we do put our (and your) money where it is needed most to ensure the security, privacy and trust you have spent many years building are not eroded by ransomware or other security threats out there waiting to wreak havoc. Is our service immune to being hacked? Certainly not. Are we doing everything we can to minimise the risk? Yes, we are.

If you are interested in understanding a little more about our AWS email platform, this webinar from early 2021 is a good watch: Cloud Email Security – YouTube

Article Source: Mail2World’s 2022 Email Outage – BlueScreen Computer
