Networking

09:22 AM
Connect Directly
RSS
E-Mail
50%
50%

Cisco Unveils New Security To Thwart 'Targeted' Attacks

Cisco Systems, which reported recently that mass spam email attacks on computer users are being replaced with more sophisticated, targeted attacks, has introduced a new security technology to thwart those attacks. At its Cisco Live conference, the company unveiled Cisco IronPort Outbreak Filters, which, when spotting a suspicious email containing what might be a malware link, rewrites the link to direct it to a Cisco security tool that will determine if it is malware and, if so, block it.

Cisco Systems, which reported recently that mass spam email attacks on computer users are being replaced with more sophisticated, targeted attacks, has introduced a new security technology to thwart those attacks. At its Cisco Live conference in Las Vegas, the company unveiled Cisco IronPort Outbreak Filters, which, when spotting a suspicious email containing what might be a malware link, rewrites the link to direct it to a Cisco security tool that will determine if it is malware and, if so, block it.

Also at Cisco Live, the company unveiled a Business Class E-mail (BCE) system that delivers automatic user identification, embedded email controls, added encryption security and universal device support. The latter is designed to extend security to the personal devices workers now use in the workplace, such as smartphones and tablet computers.

The Outbreak Filters product is designed to respond to new targeted attacks on specific email users. At a news conference in the San Francisco area June 30, Cisco shared results of an internal study that showed that mass spam attacks, in which messages are sent to millions of inboxes, are on the decline because they’re increasingly ineffective. Instead, cyber criminals are launching targeted attacks that are written to a specific individual with a message more likely to trick him or her into clicking on a link that downloads a malware payload.

Outbreak Filters look out for such messages, and when a suspicious one is found, it rewrites the link before sending it on to the intended recipient, says Nick Edwards, director of Cisco's Security Technology Business Unit. Rewriting the link redirects it to Cisco’s ScanSafe Cloud Web Security system--technology from a Cisco acquisition done a year and a half ago--which scans the link destination to determine if it is a malware site. If it is malware, ScanSafe blocks user access, preventing the download; if it’s legitimate, the site opens up.

"Rewriting the link is what allows us to scan the payload that would come from that site," Edwards explains. "We do a deep scrub, determine the context of [that link] and where that email originated."

Previous
1 of 2
Next
Comment  | 
Print  | 
More Insights
Cartoon
Slideshows
Audio Interviews
Archived Audio Interviews
Jeremy Schulman, founder of Schprockits, a network automation startup operating in stealth mode, joins us to explore whether networking professionals all need to learn programming in order to remain employed.
White Papers
Register for Network Computing Newsletters
Current Issue
2014 Private Cloud Survey
2014 Private Cloud Survey
Respondents are on a roll: 53% brought their private clouds from concept to production in less than one year, and 60% ­extend their clouds across multiple datacenters. But expertise is scarce, with 51% saying acquiring skilled employees is a roadblock.
Video
Twitter Feed