Experts warn millions of email servers could be vulnerable to attack

Akshit Behera

New research reveals millions of host sites are without TLS encryption

TLS encryption allows end-to-end encryption for safer communications and browsing

ShadowServer has recommended these hosts be retired

New research from ShadowServer has revealed 3.3 million POP3 (Post Office Protocol) and IMAP (Internet Message Access Protocol) mail servers are currently exposed to network sniffing attacks, due to being without TLS encryption.

TLS, or Transport Layer Security, is a security protocol which provides end-to-end security between applications over the Internet. It is used for secure web browsing, and encrypts communications through email, file transfer, and messaging.

ShadowServer scanned the internet for hosts running a POP3 service on port 110/TCP or 995/TCP without TLS support – finding 3.3 million hosts without the security layer.

Time to retire

Without TLS, passwords for mail access could be intercepted, and that exposed services could allow password guessing attacks on the server. Without the encryption, credentials and message content is sent in clear text, which exposes hosts to eavesdropping network sniffing attacks.

Almost 900,000 of these sites were in the US, with over 500,000 and 380,000 in Germany and Poland, but the researchers note, ‘regardless whether TLS is enabled or not service exposure may enable password guessing attacks against the server’.

“We have started notifying about hosts running POP3/IMAP services without TLS enabled, meaning usernames/passwords are not encrypted when transmitted,” the ShadowServer Foundation said in a tweet.

“We see around 3.3M such cases with POP3 & a similar amount with IMAP (most overlap). It’s time to retire those!”

Are you a pro? Subscribe to our newsletter Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed! Contact me with news and offers from other Future brands Receive email from us on behalf of our trusted partners or sponsors

In August 2018, TLS 1.2 was updated with TLS 1.3 brought in, with 1.3 offering significant improvements in both performance and security. Whilst TLS is very common, ImmuniWeb reports that from Q1 2024 to date, there were 1,421,781 SSL/TLS events – so even with the encryption, there are dangers for users.

Via SecurityAffairs

Original Author: Ellen Jennings-Trace | Source: TechRadar

About

Shark’s Data Den provides data-driven insights and analysis on technology, business, and innovation.

AI artificial intelligence Artificial Intelligence: A Guide for Thinking Humans Being Human in the Age of Artificial Intelligence books bookself Dangers data science data scientist Human Compatible Human Compatible: Artificial Intelligence and the Problem of Control Life 3.0 machine learning Max Tegmark Melanie Mitchell Pedro Domingos Stuart Russell Superintelligence Superintelligence: Paths Dangers Strategies The Master Algorithm: How the Quest for the Ultimate Learning Machine Will Remake Our World

Discover more from The Shark's Data Den

Subscribe now to keep reading and get access to the full archive.

Continue reading