Browse by year:

July - 2013 - issue > View Point

Increasing Targeted Cyber Attacks Making Enterprises Move Towards Signature-Less Approach

Sridhar Jayanthi
Monday, July 1, 2013
Sridhar Jayanthi
FireEye is a global network security company that provides automated threat forensics and dynamic malware protection against advanced cyber threats. Founded in 2004, the company is headquartered in Milpitas, California and has raised $85.5 million in various rounds of funding from Sequoia Capital, Norwest Venture Partners, DAG Ventures, Juniper Networks and several other investors.

The global cyber security situation has reached a tipping point, where the volume and frequency of attacks penetrating an organization’s perimeter is causing IT administrators around the world to question the effectiveness of their existing security architecture. This is despite the organizations deploying traditional signature-based defenses such as firewalls, intrusion prevention, and anti-virus systems to mention a few. Security technologies considered state-of-the-art three years ago are quickly becoming inadequate given the changes in the cyber threat landscape. The result is the cyber security industry getting redefined in a big way by new technologies and players.

New Breed of Multi-Stage Cyber Attacks

The biggest change in the cyber-attack model over the last couple of years is indicated by the phenomenal success of the targeted attack. Just in the first four months of 2013, attacks have compromised the systems and networks at large banks, a popular social network site and a few well-known technology companies, each of which was targeted and not a victim of a randomwide-spread attack.

Next-generation threats are complex, cutting across multiple attack vectors to maximize the chances of breaking through network defenses. Multi-vector attacks are typically delivered via the Web or email. They leverage application or operating system vulnerabilities, exploiting the inability of conventional network-protection mechanisms to provide a unified defense. In addition to using multiple vectors, advanced targeted attacks also utilize multiple stages to penetrate a network and then extract the valued information. This makes it far more likely for attacks to go undetected. The five stages of the advanced attack lifecycle are as follows:

Share on Twitter
Share on LinkedIn
Share on facebook