I talk about a theory that just having the e-mail attachment or code in your computer could pose a risk if any unknown code flaws are ever exploited in old, current, or future code and programs.
Episode #12-37 released on May 20, 2022
Watch on Youtube
Download MP3 Audio
Conventional wisdom states that simply getting an e-mail and never opening it should not pose any risk to the computer or device. This is even more true, if none of the code is run, and no files are on the target system. After all, if none of the attachments or code is run, it should not pose a single risk to any computer or device. This is what we have always considered to be true.
For the majority of e-mails, this may continue to remain true, however, technology is always evolving, threats are always evolving, groups are always finding new techniques to get into computer systems and to exploit code on websites. The security we have today, may disappear tomorrow, and e-mails should not be treated any differently than your operating system, cellphone, etc.
There quite a few issues we need to analyze when it comes to how e-mails currently work in order to safeguard are computers and devices, as e-mails remain the single most troubling vector of computer infection leading to cryptographic ransomware.
E-mail attachments and code injected into them are such a problem that many businesses have to proactively scan all e-mails coming in because education alone is not always enough. And, while educating all people on the risk factors of clicking links and opening attachments is and has always had an impact, there are still too many cases in which someone is fooled by the e-mail sender, contents, message and does as the e-mail suggests.
And all this requires users to interact with e-mails and attachments. However, there may come a day where a vulnerability in e-mail applications we use on our computer, or website, may be exploited and used in a way that runs the file attachments without our knowledge or explicit request, and it can run malicious code in our computers and devices. And it is for this that at one point we will need much more than education, we will need proactive security to filter out all threats before they cripple our digital infrastructures, especially in a world where war is no longer a matter of bullets and bombs, but also in cyberspace for control of all infrastructures that we all depend on, which include power, water, and communications.
Host : Steve Smith | Music : | Editor : Steve Smith | Producer : Zed Axis Dot Net