A bad reputation spreads very quickly. It is for this reason that mail order companies, service providers or the banking sector are concerned with maintaining or optimizing it on the Internet …
But if customers fall victim to a man-in-the-middle (or man-in-the-middle) attack, their good reputation is quickly lost. In a man-in-the-middle attack, the attacker positions himself between the customer and the supplier and claims to be the supplier. Such an attack is also possible in the other direction.
The following example illustrates this: suppose you are an online mail order company and you send automated transaction emails like invoices or order confirmations. They are therefore sent to unknown third parties by the man-in-the-middle hacker. The bill never arrives to your customers and you don’t notice anything. Of course you do not receive money, because the customer never received an invoice. What is going on then? You send a reminder. This can generate, without prior invoice, irritation and loss of confidence in the customer, which practically means a disaster in marketing.
But it could be
even worse. When an attack is successful, sensitive customer data such as
his address, his bank details and his purchasing habits arrive at
unauthorized persons. In the case of insurance, medical cover,
credit institutions and even dating sites, this is a real problem, because it is
there very sensitive personal data.
of your customer is not only your top priority, but also that
from the email service provider that sends on your behalf. Article 33 of the GDPR
explains what happens in the event of a personal data breach: the controller (in this case the company of
marketing) must inform the supervisory authority (regional or national) and the
data subjects, in compliance with article 34 of the GDPR.
It’s not just your reputation
who is in danger. You also risk financial consequences. In the
extent the responsibility for breach of protection of personal data
can be attributed to the person in charge or to the subcontractor mandated by him (in this
e-mail service provider), the supervisory authorities may exercise
against the person (s) responsible for sanctions, corrective measures and investigations
in accordance with article 58 of the GDPR.
In the worst case,
it could even result in a permanent ban on dealing with this kind of
data, which effectively means a ban on activity
commercial. In addition, fines may be imposed. Article 83 of the GDPR
provides for substantial fines of up to 20 million euros or 4%
of the total annual turnover. The most recent example: authority
Data Protection Commission (ICO) Fined 205
million euros to British Airways after unidentified people gained access to
company customer data.
One thing is certain:
protecting your own server is not enough, because a “man with
middle “uses the weak point of sending an e-mail from A to B. In order to satisfy the
requirements of Article 5 Paragraph 1 of the GDPR, you should protect
sensitive customer data with DNSSEC and DANE.
DNSSEC and DANE, what are they?
DANE (DNS-based Authentication of Named Entities) is a test method that secures the establishment of an encrypted connection between a client and a server. Through a comparison of certificates (TLSA registration), communication partners using DANE make up for the conceptual weakness of SSL / TLS, in which a third party could pretend to be the “good server” and lead the client to transfer its data to the “wrong” address.
The prerequisite for using DANE is DNSSEC (Domain Name System Security Extensions), which guarantees that the test characteristics transmitted via DNS can be verified. Here too, hackers could introduce false information into the DNS and lead the client to the wrong address.
This is how it works
What a shipment looks like
typical email with DANE? Suppose you are an online merchant
and send an email to a customer with an email account at example.de.
Here’s what would happen:
- Your mail server determines the mail server responsible for the recipient domain. It also checks whether the DNS server offers the DNSSEC recipient domain;
- If the DNS server offers DNSSEC, your mail server checks if there is a TLSA record for the recipient domain;
- Your mail server then establishes a connection with the mail server of the recipient domain. If it does not offer STARTTLS to encrypt the connection, your mail server will immediately disconnect, because there is suspicion of a downgrade attack;
- If the target server offers STARTTLS, your mail server starts an encrypted TLS connection. It compares the checksum of the target server’s certificate with the TLSA information received via DNSSEC;
- If the sums match, the destination server is checked. If there is no match, a DANE client will immediately cancel the transaction because there is a suspicion of a man-in-the-middle attack. Without these controls, we end up sending data to an unreliable address.
So that DANE can
work with DNSSEC, both must be configured on the server
online merchant messaging. If an email service provider is used for sending email, the
messaging platform needs to be extended so that DNS queries can
also check the DNSSEC functionality and use its capabilities for the
The foundations are laid
since a long time. “DNSSEC is a mature and stable procedure for
years, “says Patrick Koetter (manager of the skills group
eco groups “Anti-Abuse” and “E-Mail” –
Internet Trade Association). “Practical experience on
major ISP platforms and metrics show that the concerns of
some administrators are not technically tenable. ”
If you consider the
financial consequences and the loss of reputation that a Downgrade attack
and / or a “man in the middle” attack can lead to,
the effort to activate DANE and DNSSEC is worth it. They are the only one
cost-effective automated option for truly secure data transmission
between email servers.
You can learn more about the associated technologies and deepen the subject during a workshop at the CSA Summit 2020 by clicking on the words.