Story image

Cyber crisis continues unabated – is ATP the answer?

15 Nov 18
Sponsored

Statistics on cybercrime certainly makes for some pretty grim reading.

The security landscape is growing exponentially every day, and this growth is true both in terms of the number of threats as well as the complexity of these risks.

A report from Risk Based Security found more than 4.2 billion records were exposed during data breaches in 2016, nearly 4x the previous record of 1.1 billion.

According to IBM, cybercriminals are estimated to have made an incredible $1 billion from ransomware in 2016. Half of the executives that coughed up money handed over more than US$10,000 each, while 20 percent paid more than $40,000.

While it’s clear organisations around the world face security and productivity challenges every day, Juniper Networks says it’s the zero-day malware that often goes undetected because traditional security devices, which rely on signature-based detection, can’t see it.

“In many cases these days, advanced adversaries are leveraging zero day attacks that they create, or even buy on the open market, to attack not only infrastructure, but specifically target users or companies and exploit the trust models which give them access to the information they desire,” says Juniper Networks security solutions architect Andy Leung.

“Examples have been found where malware can intelligently evade solutions by turning off anti-virus solutions, by detecting whether they are in virtualised sandbox environments and if so not even activating themselves, or by even emulating legitimate user behavior to disguise and distract from nefarious activities. In many cases, traditional security mechanisms are no longer sufficient to prevent exfiltration of sensitive data.”

According to Juniper, these traditional security devices that are deployed inline have a very limited amount of time in which to decide whether an object is malicious or not – longer than just a few milliseconds and there will be negative impacts on modern real time applications resulting in a poor user experience.

And then of course there is the problem of security teams being overwhelmed by copious amounts of alerts, with the result being they can often fail to recognise and act when an incident is actually critical.

Leung says with the security landscape accelerating faster than the skilled resource pool, the maintenance and growth of security teams is becoming prohibitive for most organisations.

So what’s the solution? Juniper says it lies in equipping security teams with its Advanced Threat Prevention (ATP) Applicance to provide comprehensive on-premise protection.

The Juniper ATP Appliance uses advanced machine learning and behavioural analysis technologies to identify existing and unknown threats in near real time. This is conducted through continuous, multistage detection and analysis of web, email, and lateral spread traffic moving through the network.

The ATP Appliance ingests threat data from multiple security devices, applies analytics to identify advanced malicious traits, and aggregates the events into a single comprehensive timeline view of all the threats on the network. Organisational security teams can quickly see how the attack unfolded and easily prioritise and action critical alerts.

Malicious IP addresses are pushed to firewalls to block the communication between command-and-control servers and infected endpoints. Infected hosts are isolated through integration with network access control devices providing near real time incident response capabilities to organisations.

In the ongoing battle against cybercrime, it’s clear that businesses are going to have to take measures to stack the odds more in their favour.

To find out more about Juniper ATP visit Juniper’s security webpage, The Shield.

How your enterprise backup solution could fail
Even the best-trained employees are prone to error, and unfortunately, sometimes those errors affect enterprise backups.
How businesses will pivot AI strategies to align with human-centric goals
AI will not only allow businesses to reduce costs but will also provide ROI to the staff working with the technology. 
HubSpot announces fund for 'customer first' startups
HubSpot is pouring US$30 million (NZ$40 million) into a new fund to support startups that demonstrate ‘customer first’ approach of not only growing bigger, but growing better.
Commerce Commission report shows fibre is hot on the heels of copper
The report shows that as of 30 September 2018 there were 668,850 households and businesses connected to fibre, an increase of 45% from 2017.
Mac malware on WatchGuard’s top ten list for first time
The report is based on data from active WatchGuard Firebox unified threat management appliances and covers the major malware campaigns.
Using blockchain to drive transparency across the supply chain
"With blockchain, it’s likely we’ll see an increase in trust between organisations that work together through the supply chain."
Why businesses are struggling to reach digital maturity
Approximately 65% of respondents identified that they have yet to reach 'expert' status in their digital transformation maturity.
Bin 'em: Those bomb threat emails are complete hoaxes
A worldwide spate of spam emails claiming there is a bomb in the recipient’s building is almost certainly a hoax.