|Matrix Global Partners, Inc. (Matrix), the exclusive distributor in the Americas for the award-winning endpoint protection solution StormShield®, today announced that, based on the analysis of the New York Times breach that was disclosed by the Times, StormShield would have stopped the malware attack that got past Symantec. This is a “real world” example of what StormShield users have confirmed for themselves over and over by doing “Live Attacks” lab tests. To see a sample report on how endpoints are protected against unknown live attacks please see the White Paper StormShield/Symantec/McAfee Live Attacks Test Results.
While many security experts have long known that antivirus is becoming increasingly less useful, the disclosures and defensive reaction from Symantec have shown a light on the issue. While signature based AV may have some limited value in stopping broad based attacks it is virtually worthless in stopping a targeted attack. According to the forensic data released by the Times, of the 45 malwares that were discovered to have penetrated the Times’ computers, Symantec identified and stopped “1”. That means that 45 malwares not only got past Symantec but then were able to exploit their penetration without ever being noticed by Symantec security.
Hackers are constantly seeking vulnerabilities and are quick to exploit them. How can organizations defend their systems from malware attacks like the ones that hit the Times? Standard endpoint protection suites that are dependent on signatures cannot provide protection. AV will not defend against attacks that exploit these flaws. Eventually, after a great deal of damage has been done, most endpoint protection and AV products will have a signature file update that may stop future exploits of this specific flaw. However, by the time that this defense is applied, the attacks have achieved their goals and the attackers are moving on to the next unpatched vulnerability. The malware that hit the Times was able to sit there for weeks/months undiscovered.
Is there a way to be protected against malware attacks like these? YES!
Customers using StormShield are protected against this type of vulnerability by using a unique multi-layer behavioral protection methodology. StormShield HIPS protection is proven to recognize and stop “unknown” attacks that will get past all of the other endpoint protection products.
In addition to the industry leading behavioral protection, the StormShield endpoint protection agent includes multiple layers of protection using a granular and modular security design. StormShield is the first intelligent solution based on behavioral analysis for device control, encryption of data, application control, HIPS, firewall, wireless and Network Access Control (NAC). StormShield provides immediate protection in real time against all types of attacks without depending on antivirus signatures/reputation. StormShield users are not dependent on waiting for a patch update or vulnerability fix to be safe from an attack on an unpatched vulnerability in IE or any other application.
To learn more about how you can be protected from malware attacks visit the HIPS section of the Matrix web site here. To request a demonstration of the StormShield protection please complete this Request Form.