4 Reasons for Email Security
Written by Mike Rede on April 12, 2010

Every company thrives on communications: conference calls, corporate web sites, forums, internal communities and, most obviously, electronic mail. But with all communications comes the risk of eavesdropping, stolen ideas and the exposure of private communications in the public domain.
In every corporation, numerous devices function as email transport points in the communications chain. These points can include workstations, servers, handheld devices, smart phones, iPads, etc. With so many communication points in the chain, there are many openings for email hijacking to occur. All of these devices send and receive thousands of emails a day, so there are many opportunities for false and misleading emails to reach any end user in your organization.
Not only are the end users in an organization susceptible to false emails; so is the company's email server hardware. Viruses can infect the servers, trojan horses can become embedded in the operating systems that run the email servers, and malware can attack the various components of your servers.
There are many security issues that administrators need to protect against. Some of those issues include:
- Denial of Service (DoS) – In this attack, an attacker prevents end users from accessing their servers and applications. Applications such as email appear to hang as end users attempt to send and receive messages, and sometimes users cannot even log into the application.
- Man in the Middle – In this attack, an attacker positions themselves between two parties exchanging secure messages that rely on public key exchange. The attacker captures those messages and, when a public key is requested, substitutes their own. The two communicating parties continue to exchange messages, but one party is not who the other thinks they are. The man-in-the-middle attacker intercepts the communications and can sometimes use what is transmitted, such as confidential information, to their own advantage.
- Malware – Short for “malicious software”, malware is software that can infect almost any unprotected system. It can be used to disrupt the day-to-day business activities of almost any company by blocking access to applications, slowing down systems and services, and even altering the behavior of applications. Malware is categorized by its method of disruption and includes viruses, trojan horses, spyware, worms and others.
- Unauthorized access – There are countless news items each year about an individual or group charged with illegal access to email communications. Sometimes the perpetrator is a business associate well known to the email victim. Other times the perpetrator was a previous employee of the company. That unlawful access can be the result of the perpetrator simply watching someone else type in their password, or of sophisticated password guessing software.
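The key substitution described under Man in the Middle can be caught by remembering each correspondent's key fingerprint and confirming it over a second channel. The sketch below is an added example, not code from the original article; the `KeyPinStore` class, the address and the key bytes are constructed for illustration.

```python
import hashlib


def fingerprint(public_key: bytes) -> str:
    """SHA-256 of the raw key bytes, as hex, for comparison over a second channel."""
    return hashlib.sha256(public_key).hexdigest()


class KeyPinStore:
    """Hypothetical store that remembers one key fingerprint per correspondent."""

    def __init__(self):
        self._pins = {}  # peer -> [fingerprint, confirmed_out_of_band]

    def check(self, peer: str, offered_key: bytes) -> str:
        fp = fingerprint(offered_key)
        pin = self._pins.get(peer)
        if pin is None:
            # The first key seen is remembered but not yet trusted: an
            # interceptor may already be present on the first exchange.
            self._pins[peer] = [fp, False]
            return "first-use-unverified"
        if pin[0] != fp:
            return "KEY-CHANGED"  # possible substitution: stop and investigate
        return "verified" if pin[1] else "unverified"

    def confirm(self, peer: str, spoken_fingerprint: str) -> bool:
        """Trust the pin only if it equals what the peer reads out, e.g. by phone."""
        pin = self._pins.get(peer)
        if pin is not None and pin[0] == spoken_fingerprint.strip().lower():
            pin[1] = True
            return True
        return False


def demo():
    genuine = bytes(range(32))         # constructed stand-in for the real key
    substituted = bytes(range(1, 33))  # constructed stand-in for a swapped key
    store = KeyPinStore()
    results = [store.check("bob@example.com", genuine)]
    store.confirm("bob@example.com", fingerprint(genuine))
    results.append(store.check("bob@example.com", genuine))
    results.append(store.check("bob@example.com", substituted))
    return results


if __name__ == "__main__":
    print(demo())
```
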
A DoS attacker denies service by causing a storm of traffic to engulf the network or a particular machine. The network or servers cannot process all the incoming traffic because it exceeds the highest level of traffic they can support. Server response slows to a trickle of information, if any is sent at all. All of this limits the service that runs on the server, hence the term Denial of Service. In the case of an email server, the denial of service can be caused by an onslaught of spam messages sent en masse.
The loss of data can mean not only a loss of private, business-confidential information but sometimes a matter of national concern, when the stolen information is resold to foreign countries.
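A mail administrator can spot the kind of message flood described above by counting messages per source over a sliding time window. The detector below is an added example, not code from the original article; the log format ("timestamp source-ip event"), the addresses and the thresholds are constructed assumptions, not the output of any real mail server.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta


def build_sample_log():
    """Constructed log: one source sends every 2 seconds, another sends rarely."""
    start = datetime(2010, 4, 12, 9, 0, 0)
    lines = [f"{(start + timedelta(seconds=2 * i)).isoformat()} 192.0.2.10 message-accepted"
             for i in range(20)]
    lines += [f"{(start + timedelta(minutes=m)).isoformat()} 198.51.100.7 message-accepted"
              for m in (0, 5, 9)]
    return sorted(lines)  # ISO timestamps sort chronologically as text


def flood_sources(lines, window=timedelta(seconds=30), limit=10):
    """Return {source: time first flagged} for sources exceeding `limit`
    messages inside any `window`. Assumes lines are in time order."""
    recent = defaultdict(deque)  # source -> timestamps still inside the window
    flagged = {}
    for line in lines:
        parts = line.split()
        if len(parts) != 3:
            continue  # skip malformed lines instead of failing mid-log
        try:
            ts = datetime.fromisoformat(parts[0])
        except ValueError:
            continue
        source = parts[1]
        seen = recent[source]
        seen.append(ts)
        while ts - seen[0] > window:  # drop entries that have aged out
            seen.popleft()
        if len(seen) > limit and source not in flagged:
            flagged[source] = ts
    return flagged


if __name__ == "__main__":
    for source, when in flood_sources(build_sample_log()).items():
        print(f"{source} exceeded the limit at {when.isoformat()}")
```
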
In the United States there is the Electronic Communications Privacy Act (ECPA) which can be used to punish data criminals for their illegal actions. The following web site describes the ECPA: http://www.usiia.org/legis/ecpa.html
More specifically, administrators and IT directors can view the US Code 2701 – Unlawful Access to Stored Communications – at the United States Department of Justice web site: http://www.justice.gov/criminal/cybercrime/usc2701.htm
Here is the content which describes the offense, punishment and exceptions of US Code 2701:
§ 2701. Unlawful Access to Stored Communications
(a) Offense.–Except as provided in subsection (c) of this section whoever–
(1) intentionally accesses without authorization a facility through which an electronic communication service is provided; or
(2) intentionally exceeds an authorization to access that facility;
and thereby obtains, alters, or prevents authorized access to a wire or electronic communication while it is in electronic storage in such system shall be punished as provided in subsection (b) of this section.
(b) Punishment.–The punishment for an offense under subsection (a) of this section is–
(1) if the offense is committed for purposes of commercial advantage, malicious destruction or damage, or private commercial gain–
(A) a fine under this title or imprisonment for not more than one year, or both, in the case of a first offense under this subparagraph; and
(B) a fine under this title or imprisonment for not more than two years, or both, for any subsequent offense under this subparagraph; and
(2) a fine under this title or imprisonment for not more than six months, or both, in any other case.
(c) Exceptions.–Subsection (a) of this section does not apply with respect to conduct authorized–
(1) by the person or entity providing a wire or electronic communications service;
(2) by a user of that service with respect to a communication of or intended for that user; or
(3) in section 2703, 2704 or 2518 of this title.
This statute can be applied in federal court to prosecute the illegal access of electronic mail messages.


