Network Computing is part of the Informa Tech Division of Informa PLC


Symantec Launches New Defenses Against Targeted Cyber Attacks: Page 2 of 2

In the capture phase, the attacker takes the assets he wants based not just on their potential value, but on the level of security that surrounds them. Some assets may be highly valuable, but are so well-protected that the hacker is better off stealing less valuable data that is easier to take. However, even well-secured data is at risk in the event of what Dorosin calls "data spills." Data may be well-encrypted, but if it has been moved from one place to another on a network, a copy may have inadvertently been made and left on a less secure server.

Once the data has been captured, the attacker has to determine an escape route, in what is called the exfiltration phase. "They are looking for a way out of the network, an unused firewall port, typically Port 80 or Port 443 for http or https. They are hiding the information in commonly used ports that everybody is using." As complex as these attacks are, Dorosin adds, "If there is a silver lining to this, it is that if we can break any link in this chain we can effectively stop the attack."

New software intended to thwart targeted attacks includes:

  • Control Compliance Suite 10.0, which is intended to give an IT administrator an overall view of IT resources to ensure that security compliance standards are being enforced.
  • Data Loss Prevention Suite 10, which identifies where your data is on the network and whether the required security protection is applied to it. The software helps identify which people in the organization are using which data and helps "clean up" data spills that can be a security risk.
  • IT Management Suite 7.0, which integrates a variety of life cycle management functions to better automate some IT tasks that can be time-consuming. For instance, Dorosin said, IT help desk staff spend an inordinate amount of time resetting passwords for end users. An automated password reset function frees up help desk staff for more important tasks like installing security patches as soon as they are released.
  • Symantec Protection Suites, which protect the overall IT infrastructure. They provide in-depth protection tailored to specific areas such as endpoints, servers and network gateways.

The Google attack may have been addressed and contained, but there will certainly be others, Dorosin said. "These attacks aren't something that have come and gone; it's an ongoing threat to the intellectual property of large organizations," he said.