‘Crowd-sourced’ security to neutralise zero-day attacks

05 Jun 15

Security resellers and businesses have the chance to participate in the fight against cyber-criminals thanks to next-generation interactive sandbox security solutions, becoming part of what is effectively ‘crowd-sourced’ security.

Gary Gardiner, Fortinet ANZ director of engineering and services, says with the new next-generation interactive sandbox security solutions, which are hard-wired to respond against advanced persistent threats, resellers and organisations can join the fight against cyber-criminals.

Gardiner says zero-day threats are fast becoming the ‘risk-du-jour’.

“More and more cyber criminals are creating exploit variations, or StrikeVariants, that can morph on the fly into literally 100,000 variations.

“These strikes bombard the firewall, making it work overtime to defend against all of the different StrikeVariants. It’s a resource-intensive operation that can overwhelm most defences.”

A single StrikeVariant can attack thousands of targets before it is neutralised, forcing under-attack networks to dedicate large amounts of processing power to stop the attack.

Gardiner says the best defence at this point is to match the StrikeVariant’s firepower with the massed processing capabilities of firewall gateways and well-defined sandboxes.

Gardiner says Fortinet’s next-generation FortiSandbox security appliances map and analyse new zero-day StrikeVariants in the ‘fenced off’ sandbox.

The base code is then uploaded directly to Fortinet’s global security lab, FortiGuard.

“We take it apart, simulate all of the possible variants, create fixes and then deploy the detection signatures back to all of the interconnected FortiGate next generation firewalls, FortiMail and FortiSandbox devices.

“What was once a zero-day threat that could cause, at the very least, huge drains on processing power around the world, can now be prevented from even entering the network at the gateway.”

Gardiner acknowledges that it’s not just Fortinet’s sandbox that can be put into action, but ‘any high-end sandbox solution’.

“It’s almost like crowd-sourcing security,” he says.

“Once there are enough sandboxes deployed around the world, each one acts as a zero-day threat detector.

“And as soon as they are identified and neutralised, these malware variants can’t really do much harm.”

Fortinet recently signed up to the United States’ Cyber Information and Sharing Collaboration Program (CISCP), which was established to share information on cyber threats, incidents and vulnerability information in near-real-time.

CISCP is, Gardiner says, the beginning of a unified, collaborative approach to cyber-security on a global scale.

“It’s the old divide and conquer strategy,” he says. “If cyber-criminals pick off companies one-by-one, defending is difficult.

“But if organisations band together and share real-time threat mitigation intelligence, we can neutralise even the most persistent attacks.”
