So long as organisations continue to invest in security products that are defensive, cyber-attackers will continue to successfully breach networks and steal information, warned a security expert.
Organisations have invested in traditional defences that are “fundamentally reactive” as they rely on known methods of attack, Ashar Aziz, CEO, CTO and founder of FireEye, told eWEEK. The fact that defence contractors Lockheed Martin, L-3 Communications and Northrop Grumman or companies like Dow Chemical and Google are hit by cyber-attacks is not because they “forgot to do something”, but because the vulnerability is systemic and pervasive across all organisations, according to Aziz.
“The underlying story is that virtually every organisation – whether it’s a financial services company, a large company like Google, or a technology company like Juniper Networks – is equally vulnerable to attack,” Aziz said.
To illustrate his point, Aziz mentioned two FireEye customers, both defence contractors, who recently deployed FireEye’s Malware Protection System (MPS) “downstream” from their existing security products. Within 24 hours, the MPS had detected a number of threats that had slipped past the other systems, Aziz said.
“Every organisation allows Web pages to come in. They don’t know which pages are going to attack and which ones are safe,” Aziz said.
FireEye MPS creates a virtual execution environment to processes all content that enters the network. As soon as the virtual environment notices suspicious activity, whether it is a new process running, a processing being arbitrarily shut off (such as the antivirus), or some other unexpected change to the environment, the system blocks the malware from continuing to execute. Once detected, MPS logs the events in real-time to track what the malware is doing, such as installing a keylogger. The MPS can work with email to examine all incoming messages and attached files, as well as process Web pages while the user is surfing the web.
Aziz compared letting the Web site or email attachment execute in the virtual environment to sending a canary down into the coal mine. “If the canary dies, there’s malware,” Aziz said.
Existing security products tend to be reactive to the threat and are incapable of protecting yesterday’s threats, not the latest attack. However, attackers are continuously evolving their methods and testing malware against the same security products to ensure they can be bypassed. What organisations need to do is to deploy “second-generation” security tools to “augment” existing security products, Aziz said.
There are more nation-sponsored, advanced persistent threats, but they are not the only kind of attacks. Cyber-criminal motivated attacks are equally successful in infiltrating and compromising organisations, precisely because they use stealth tactics. Security products fail at “counter-stealth”, according to Aziz
The user has become the primary target for our adversaries, regardless of whether the attacks are launched by cyber-criminals or nation-states, Ghosh said. “Regardless of all the patches applied to technology, one cannot apply a patch to Layer 8- the human brain,” said Ghosh. Curious users make mistakes that result in the network getting “pwned” and intellectual property “exfiltrated, “ he said.
“So far, the bad guys keep showing they’re getting better and smarter and rather than being proactive about potential threats and attacks, the security industry is still reactive,” said Ghosh.
Nation-state cyberattack? Elon Musk blames outages on Monday at X (formerly Twitter) on “massive cyberattack”
More time required for Apple to improved the AI capabilities of the Siri voice assistant,…
German conglomerate Siemens confirms $285 million investment for manufacturing facilities in Texas and California
But US authorities still require Google to sell its Chrome browser, in order to mitigate…
Court ruling. Big Blue lawsuit filed in London had alleged IP theft of mainframe technology…
But what about Beijing? Donald Trump says administration in talks with four different groups about…