|
Google in partnership with the University of Michigan and the University of Illinois, has published the results of a multi-year study that measured how email security has evolved since 2013. Although Gmail was the foundation of the research, insights from the study are believed to be applicable to email more broadly.
The study also notes several new security challenges:
Regions of the Internet were found to be actively preventing message encryption by tampering with requests to initiate SSL connections. “To mitigate this attack, we are working closely with partners through the industry association M3AAWG to strengthen ‘opportunistic TLS’ using technologies that we pioneered with Chrome to protect websites against interception.”
Group also uncovered malicious DNS servers publishing bogus routing information to email servers looking for Gmail. “These nefarious servers are like telephone directories that intentionally list misleading phone numbers for a given name. While this type of attack is rare, it’s very concerning as it could allow attackers to censor or alter messages before they are relayed to the email recipient.”
Sponsored byDNIB.com
Sponsored byRadix
Sponsored byVerisign
Sponsored byCSC
Sponsored byIPv4.Global
Sponsored byVerisign
Sponsored byWhoisXML API