
E-mail security

E-mail is essential

The benefits of this means of communication are undisputed; so much so that an organisation's ability to function is largely dependent on having a working e-mail system. But since this knowledge is widespread, e-mail systems are frequently the target of attacks seeking to reduce system availability and, by spying on the content of e-mails, obtain information. Furthermore, e-mails infected with malware are used as vectors for cyber attacks. Protecting this essential communication channel must be a high priority for all those involved.

However, even unwanted e-mails that are less dangerous (spam) are a nuisance for users and disrupt technical systems. The spam e-mails sent all over the world increase the amount of data traffic and clog up mailboxes.

When using e-mail, there are a number of threats to deal with regarding the following:

  • Integrity and confidentiality of messages
  • Authenticity of the sender
  • Availability of the e-mail service itself

Integrity and confidentiality

An attacker who gains access to network traffic can read all e-mails, which means they can obtain sensitive or confidential information. Encrypting e-mail communications can be one way to protect against spying.

Authenticity of the sender

An attacker who gains access to network traffic can falsify e-mails, i.e. by modifying their content surreptitiously or creating new messages with a fake identity. This can lead to considerable damage, depending on how creative the attacker gets. Digital signatures are one form of remedy here.

Availability of the e-mail service

Unwanted e-mails (known as spam) are another type of threat. An excessive volume of spam may overload e-mail servers, thus causing a loss in availability of the e-mail service.

Threat scenario I: Malware infection via e-mail

E-mail is the preferred method for cyber criminals to spread malware, for example by sending malicious attachments and links or through malicious code downloaded by HTML e-mails. Both users of e-mail and operators of Internet infrastructure have various ways to limit the spread of malware via e-mail, using both organisational and technical measures.

BSI help

This document contains a range of security measures to suit whichever party is involved:

Threat scenario II: Leaks & manipulation of information from e-mails being read

E-mails do not only lend themselves to sending malware into an organisation from outside -- if e-mails can be read, they offer an ideal method of intercepting information inside a company. The fact that users of e-mail only encrypt their messages very rarely makes this approach even easier. It means criminals are able to read e-mails easily or -- if they intercept e-mails en route to their destination -- even manipulate their content.

Comprehensive solutions for organisations: The IT-Grundschutz

In its IT-Grundschutz Compendium, the BSI provides compilations of threats and measures in the form of modules on various topics. Some of these threats and measures that have a special connection to the topic at hand are then used as examples and examined in detail. However, IT assets can only achieve widespread basic protection according to IT-Grundschutz if the IT-Grundschutz methodology described in BSI Standard 100-2 is applied in full.

The IT-Grundschutz Compendium deals with the topic of e-mail in the modules APP.5.3 General E-Mail Clients and Servers and APP.5.2 Microsoft Exchange and Outlook. Reference is made to threats and requirements in these modules.

BSI-Standards zur Internet-Sicherheit (ISi-Reihe) [BSI standards for Internet security (ISi series)]

The study (ISi-S) into the e-mail client describes how existing threats with normal protection needs can be countered with appropriate measures. These measures relate to a secure architecture for the e-mail client, a protected connection to the e-mail server and a secure exchange of information between individual communication partners.
  • Technical long version for IT experts: Sichere Nutzung von E-Mail (ISi-S)
  • Non-technical short version for IT managers: Sichere Nutzung von E-Mail (ISi-L)

The ISi e-mail server module presents a secure basic architecture for normal protection needs, which covers all relevant countermeasures. To be able to flexibly adapt this architecture to the size of the infrastructure in question and to individual protection requirements, the study also presents extended or alternative measures, so even increased protection needs can be taken into account.
  • Technical long version for IT experts: Sicherer Betrieb von E-Mail-Servern (ISi-S)
  • Non-technical short version for IT managers: Sicherer Betrieb von E-Mail-Servern (ISi-L)