The security experts at Retarus have issued a warning about the growing number of disguised phishing attacks emanating from Russia. According to a recent analysis published by the enterprise cloud service provider, 98 percent of the emails classified as malicious could not be conclusively attributed to Russia based on their domain endings, rendering the blocking of emails at the domain level futile. Retarus advises companies to take this into consideration as far as their email security solutions are concerned – and to take the appropriate measures.

Unless they have business contacts in Russia, it is generally recommended for companies to identify and automatically block all Russian emails based on the GeoIP, before they even have the chance to enter the company network. This can be achieved with technologies such as Retarus Predelivery Logic. Beyond this, companies should take steps to sensitize their employees regarding Russian phishing attacks.

Directing email traffic into the correct lanes

With Retarus’ Predelivery Logic service, emails are already analyzed and can be blocked, if necessary, based on individual rule sets at the security gateway – before they ever reach the recipient company’s infrastructure and cause damage there. The rule sets in Predelivery Logic allow identification according to “Source IP Country” and the automatic triggering of appropriate measures. Depending on how the service has been configured, this could mean isolating the message in the user quarantine, for instance. The service also gives companies the option of recognizing the language in the message body, in addition to the geographic origin of the message, and using this as the basis for activating automatic rules.

To complement these customer-specific options available in Predelivery Logic, Retarus is also responding to the current state of affairs by keeping an eye on the development of the situation at the infrastructure level and staying in close contact with the competent authorities. If necessary, the experts at Retarus apply immediate measures, such as blocking the offending IPs and domains, without the customer having to take any action. The respective measures are then continuously reviewed and adapted as required.

Beware of Russian third-party providers

Just recently, in connection with Russia’s attack on Ukraine, the German Federal Office of Information Security (BSI) spoke of an “increased non-specific threat situation” and explicitly warned companies against the use of Kaspersky solutions as a result of security concerns. Companies are urged to check whether the email security solutions they are using contain any Russian components.

“After Russia launched its attack on Ukraine, we immediately replaced Kaspersky’s products and solutions with those of another provider to avoid taking on any security risk,” explains Martin Hager, founder and CEO at Retarus. “With our Advanced Threat Protection, Post Delivery Protection, and the infrastructure services offered by the Retarus Secure Email Platform, we provide our customers with optimum protection at all levels against treacherous cyberattacks from Russia.”

About Retarus

With its outstanding solutions and services, intelligent infrastructure, and patented technology, Retarus manages communication for companies worldwide. Retarus’ state-of-the-art technologies, highly available data centers, and innovative cloud messaging platform offer maximum security, maximum performance, and business continuity. With experience in steering information flows at the enterprise level, Retarus ensures that information is transferred securely and reliably to the right place, at the right time, in the right format—since 1992 and with now 19 subsidiaries on four continents. 43 percent of S&P Global 100 companies as well as numerous Fortune 500 companies in the banking, finance and healthcare sectors rely on Retarus’ services. Longstanding customers include Adidas, Amer Sports, athenahealth, Bayer, BNP Paribas, Bosch, Continental, Cubic Corporation, DHL, Fujitsu, Geico, Goldman Sachs, John Deere, J.P. Morgan, LabCorp, Merck, Petronas, PSA, Sony, and Zeiss.

Previous I/O Adventure Google Cloud Architecture
Next The 16-Point Checklist For GitOps Success