Anti Targeted Attack
Comprehensive multi-vector discovery and risk mitigation of advanced threats and targeted attacks
Targeted attacks are long-term processes that compromise security and give the attacker control over the victim’s IT, while evading detection through traditional security technologies.
While some attackers use Advanced Persistent Threats (APTs), which can be very effective but expensive to implement, other ‘targeted attacks’ are much cheaper to mount and can be just as devastating. These targeted attacks, using basic techniques – social engineering, stolen employee credentials, legitimate software or even malware covered by a stolen certificate – may not make the headlines, but they’re everywhere.
Most enterprises have already made a major investment in traditional IT security solutions, located primarily at gateway level. However, while these preventative security technologies can be very effective in protecting against common threats – including malware, data leakage, network attacks and more – they are clearly not enough: the overall number of business security incidents and breaches has not decreased one iota.
Today, even with innovative technologies like Sandbox, EDR and other ‘next gen’ solutions, the challenge stays the same – how to choose the right incident, and how to tell which incident relates to the most critical threats. Specialized discovery solutions play a core role in identifying those incidents that most warrant further investigation and response.
Advanced, targeted threats can typically remain undetected for 200 days or more, while cybercriminals silently gather valuable information and/or impact vital business processes.
According to Kaspersky Lab statistics, even a single targeted attack incident can cost an enterprise more than $2.5 million, compared to a starting point of $80k for the average small to medium business.
Left unchecked, a targeted attack is likely to cause severe damage to the business, including:
- Substantial financial losses
- Loss of critical data
- Remote control by the attacker of apparently ‘authorized’ business processes
- Stealth manipulation of data
In a survey of Enterprise organizations conducted by Kaspersky Lab in 2015, 1 in 4 organizations (23%) confirmed that they had already been subjected to at least one targeted attack.
The Solution: Kaspersky Anti Targeted Attack
The Kaspersky Anti Targeted Attack Platform is part of an adaptive, integrated approach to enterprise security. Monitoring network traffic, combined with object sandboxing and endpoint behavior analysis, delivers detailed insights into precisely what’s happening right across a business’s IT infrastructure. This adaptive security approach protects businesses against the most sophisticated threats, targeted attacks, new malware – including ransomware and crimeware – and of course APTs.
By correlating events from multiple layers – including network, endpoints and the global threat landscape – the Kaspersky Anti Targeted Attack Platform delivers near real-time detection of complex threats, as well as generating critical forensic data to empower the investigation process.
Our industry-leading Global Security Intelligence is one reason why we can deliver this superior vendor can match the quality and breadth of our security intelligence, enabling us to protect businesses from an ever-widening range of threats.
But Global Security Intelligence is just the beginning – the Kaspersky Anti Targeted Attack Platform also incorporates powerful detection and analysis technologies, including:
- Multi-layered sensor architecture – for ‘all-round’ visibility. Through a combination of Network Sensors, Web and Email Sensors and Endpoint Sensors, the Kaspersky Anti Targeted Attack Platform provides advanced detection capabilities at every level of your corporate IT infrastructure.
- Advanced Sandbox – to assess new threats. The result of over 10 years of continuous development, our Advanced Sandbox offers an isolated, virtualized environment, where suspicious objects can be safely executed and their behavior observed.
- Powerful analysis engines – for rapid verdicts and fewer false positives. Our Targeted Attack Analyzer assesses data from network and endpoint sensors, rapidly generating threat detection verdicts for your security team.