The more things change, the more they seem to stay the same. It also seems that in cyber security, the more we attempt to stop or mitigate the damage of cyber security breaches, the more they occur. And why should we expect anything different when the rewards for cyber-criminal behavior continue to prove worth the risk of being caught?
Cyber Criminals Are Relentless
Cybercrime may be the biggest global threat of 2018 according to Richard Van Hooijdonk. And he continues by writing:
“Cybercrime is relentless, undiminished, and unlikely to stop. It is just too easy and too rewarding, and the chances of being caught and punished are perceived as being too low.” That’s a pretty direct warning from James Lewis, the director and senior fellow of the Technology and Public Policy Program at the Center for Strategic and International Studies. And unfortunately, he’s right.
2017 was a banner year for the bad guys. As Alcor reports, ransomware was a real problem, with NotPetya/ExPetr, WannaCry, and Bad Rabbit as leading examples of malicious attacks. Josh Fruhlinger, a security expert writing for CSO, explains that “Ransomware is a form of malicious software (or malware) that, once it’s taken over your computer, threatens you with harm, usually by denying you access to your data. The attacker demands a ransom from the victim, promising — not always truthfully — to restore access to the data upon payment.” It’s only one kind of cybercrime, but unfortunately one that’s growing in popularity. We see it as the biggest cyber threat of 2018, and we’re concerned about just how widespread these attacks have become.
The CSIS/McAfee report makes this worryingly clear. “A good estimate is that two-thirds of the people online— more than two billion individuals—have had their personal information stolen or compromised,” it states. “One survey found that 64% of Americans had been victims of fraudulent charges or loss of personal information. Cybercrime is front-page news because it touches everyone.”
Breaches Grow Exponentially
Arron Tan of TechTarget reported in ComputerWeekly that “Over 146 billion records to be stolen over next five years” and further stated:
“More than 33 billion records will be stolen by cyber criminals in 2023 alone, despite data protection laws mandating strong measures to protect personal and financial data, a study has found.
The figure represents an increase of 175% over the 12 billion records expected to be compromised in 2018, resulting in cumulative losses of more than 146 billion records over the next five years, according to research by Juniper Research.
However, average levels of cyber security expenditure will remain relatively static. Spending by small businesses in 2018 will only make up 13% of the overall cyber security market in 2018, despite more than 99% of all companies being small businesses.
In addition, the cost of breaches can exceed millions of dollars, dwarfing the turnover of such businesses.”
Limit Your Exposure, Faster
The combination of an evasion-proof technology to prescreen content with your current sandbox technology will set a new standard for cyber threat prevention. Given that the reason your sandbox is slow is because it has to detonate every file that comes into the network, it would stand to reason that if something could prescreen all of the files in real-time (i.e. sub millisecond) and then pass only the suspect files to the sandbox for detonations, then you could speed your sandbox exponentially. This would also in fact reduce the number of resources committed, saving precious budget.
Evasion proof solutions front-ending your sandbox will also allow you to prevent instead of having to remediate cyber threats, even zero-day. Solebit’s SoleGATE(now part of Mimecast) uses deep inspection and analysis methods that can interpret and detect malicious code in real time and immediately block threats. Having SoleGATE take the initial inspection will allow only those files suspect of containing malicious code to be detonated by your sandbox and greatly reduce the load.
With SoleGATE every line of code is evaluated, making Sandbox evasion techniques ineffective and on average, the analysis time is between milliseconds up to a few seconds as opposed to Network Sandboxes typically taking 5-15 minutes to perform the same analysis.Bottom line is that your users will be much happier now that content is flowing faster throughout your organization and finance will be happier with the reduced expenses.
See for yourself what SoleGATE can do to deliver evasion proof security and supplement your sandbox in your organization today. Register for a free trial today.