sb-as logo
Story image

Cyber crisis continues unabated – is ATP the answer?

15 Nov 2018

Statistics on cybercrime certainly makes for some pretty grim reading.

The security landscape is growing exponentially every day, and this growth is true both in terms of the number of threats as well as the complexity of these risks.

A report from Risk Based Security found more than 4.2 billion records were exposed during data breaches in 2016, nearly 4x the previous record of 1.1 billion.

According to IBM, cybercriminals are estimated to have made an incredible $1 billion from ransomware in 2016. Half of the executives that coughed up money handed over more than US$10,000 each, while 20 percent paid more than $40,000.

While it’s clear organisations around the world face security and productivity challenges every day, Juniper Networks says it’s the zero-day malware that often goes undetected because traditional security devices, which rely on signature-based detection, can’t see it.

“In many cases these days, advanced adversaries are leveraging zero day attacks that they create, or even buy on the open market, to attack not only infrastructure, but specifically target users or companies and exploit the trust models which give them access to the information they desire,” says Juniper Networks security solutions architect Andy Leung.

“Examples have been found where malware can intelligently evade solutions by turning off anti-virus solutions, by detecting whether they are in virtualised sandbox environments and if so not even activating themselves, or by even emulating legitimate user behavior to disguise and distract from nefarious activities. In many cases, traditional security mechanisms are no longer sufficient to prevent exfiltration of sensitive data.”

According to Juniper, these traditional security devices that are deployed inline have a very limited amount of time in which to decide whether an object is malicious or not – longer than just a few milliseconds and there will be negative impacts on modern real time applications resulting in a poor user experience.

And then of course there is the problem of security teams being overwhelmed by copious amounts of alerts, with the result being they can often fail to recognise and act when an incident is actually critical.

Leung says with the security landscape accelerating faster than the skilled resource pool, the maintenance and growth of security teams is becoming prohibitive for most organisations.

So what’s the solution? Juniper says it lies in equipping security teams with its Advanced Threat Prevention (ATP) Applicance to provide comprehensive on-premise protection.

The Juniper ATP Appliance uses advanced machine learning and behavioural analysis technologies to identify existing and unknown threats in near real time. This is conducted through continuous, multistage detection and analysis of web, email, and lateral spread traffic moving through the network.

The ATP Appliance ingests threat data from multiple security devices, applies analytics to identify advanced malicious traits, and aggregates the events into a single comprehensive timeline view of all the threats on the network. Organisational security teams can quickly see how the attack unfolded and easily prioritise and action critical alerts.

Malicious IP addresses are pushed to firewalls to block the communication between command-and-control servers and infected endpoints. Infected hosts are isolated through integration with network access control devices providing near real time incident response capabilities to organisations.

In the ongoing battle against cybercrime, it’s clear that businesses are going to have to take measures to stack the odds more in their favour.

To find out more about Juniper ATP visit Juniper’s security webpage, The Shield.

Story image
Rising threat of data breaches among enterprises drives growth in network security revenue
"Key factors leading to the growth of network security market revenue in the Asia Pacific region includes instances of ransomware attacks, targeted attacks and phishing."More
Story image
Ingram Micro becomes Thycotic's primary distributor in Singapore
As part of the partnership, Ingram Micro will leverage its position within the distribution sector and, its global infrastructure and its go-to-market (GTM) expertise, to deliver a joint GTM strategy in Singapore with Thycotic.More
Story image
Stealth Solution helps Korean firms improve their cryptographic security standards
Now, more than ever, security is at the forefront of our increasingly digitized world – one that is quickly moving toward everything encrypted, signed, and authenticated.More
Link image
The definitive checklist to distinguish a broken authentication system
An improper or insecure implementation of authentication is a critical web application security risk. This checklist will discern the good from the bad.More
Story image
Cyber Security Cloud launches WafCharm on Microsoft Azure
Already available to more than one million Amazon AWS users around the world, this launch provides Azure users with AI operation of Web Application Firewall (WAF) rules, expanding WafCharms availability to 60% of the world's cloud users. More
Story image
Palo Alto Networks launches enterprise data loss prevention service
"As a single centralised cloud service, Palo Alto Networks Enterprise DLP can be deployed across an entire large enterprise in minutes with no need for additional infrastructure."More