The Email Bomb

Reading an article from Business Week about the use of carefully crafted emails to target specific high-level government and business officials has me asking if anyone has finally figured out the solution is both simple and painful:

Email should be considered a threat until proven otherwise though the use of high quality cryptography.

I honestly can’t believe this is a new idea. Email is really no different from money: given a certain amount of time, effort, and skill both can be credibly forged and passed off as genuine yiedling reward to the forger and harm to the duped. It doesn’t make any sense to say “Don’t open email from people you don’t trust” when the enemy can easily pass themselves off as someone you trust via email. Seriously: bits are bits are bits.

In order to close this vulnerability down the answer is to force and enforce the use of strong email cryptography (I’m thinking a network of trust and PKI in addition to Certificate Authorities) to make a sender verifiable and to prevent tampering with attachments, etc. Then the rule becomes “don’t open anything without a valid, trusted signature” which raises the bar, perhaps almost impossibly high if done right, to forge an email.

Is this painful? Absolutely. Implementation and compliance efforts would be massive and tough, but I fail to see another method of stripping away from email its ability to be forged at will by attackers.