Traditional malware used for sabotage has had to give way for Advanced Persistent Threats (APT). These pose real threats to all organisations that have any kind of valuable information assets.
- Advanced – sophisticated attack techniques to exploit vulnerabilities in systems
- Persistent – monitoring and data extraction is done continuously from remote command and control servers
- Threats – victims are often targeted and the attacks orchestrated by humans
SecureLink works with leading technology vendors to identify and detect advanced malware such as APT. We also provide services, where we apply our security expertise, and relieve the customer from the issue of monitoring and maintaining the solutions. Customers can minimise negative impact and reduce response times and efforts.
The challenge with many existing solutions that want to stop malware is that they are based on signatures. A signature is a fingerprint (hash) that is unique for that specific file. If just one single character changes within that file the fingerprint will be completely different.
There are several problems with this approach:
- Malware volume
- About 400,000 new types of malware are registered every day. How will all your systems keep up fast enough and can they handle the amount?
- Polymorphic and Metamorphic Malware
- These type of malware will mutate or re-code themselves at every infection requiring one signature per infected endpoint
For these reasons most malware protection systems today have a component that will look at the behavior of a file and try to determine if it has a benign or malicious behavior.
This can be done with technologies like sandboxing and emulation.
SecureLink delivers both services and technology to help protect against today’s advanced threats. You get sophisticated detection capabilities, on gateways, mail and endpoints.