Symantec Advanced Threat Protection: Email – protecting the business against targeted attack

Categories: Business
Tags: Symantec

The growth of malicious targeted attacks is one of the most alarming trends in today’s business world.

With fewer emails sent and received generally – declining in number since 2012 according to Symantec – cybercriminals have been evolving new methods of targeting organisations.

They’ve moved away from a ‘spray and pray’ approach, as the greater the number of emails sent, the higher the risk is of detection. Today, up-front research enables a recipient list to be refined, resulting in fewer – ‘targeted’ – emails, and the ‘low and slow’ approach.

And while the number of emails sent and received across the world is reducing year on year, the number of attack campaigns is increasing – a growth of 55 percent in 2015 alone – with email the most common method of attack. Traditional signature-based antivirus strategies are less effective against these more targeted threats and a different approach is therefore required to detect them.

Symantec Advanced Threat Protection (ATP): Email incorporates multi-layered technologies and intelligence to deliver the most effective protection against spear-phishing, targeted attacks, and other advanced threats, whether a link is contained within the body of an email or as part of an attachment.

Real-Time Link Following evaluates links in real-time to block those that are malicious before an email is delivered, while Click-Time URL Protection continues protection for delivered emails. Links are rewritten to point to Symantec servers to enable evaluation of the link when ‘clicked’. Advanced Threat Protection: Email also addresses malicious links with time-based delay (pointing to genuine sites before evolving to link to malicous destinations), multiple redirects, shortened URLs, and hijacked URLs (when an attacker creates a fraudlent version of a genuine ad).

The Cynic cloud-based sandboxing and payload detonation solution provides further protection with suspicious emails and attachments being safely evaluated within Symantec’s cloud infrastructure and undelivered if found to be dangerous, and the ATP solution provides comprehensive reporting to deliver highest level visibility.

Michael Frisby, Cobweb MD: “Today’s evolving IT security threats require companies to adopt a more layered approach to protecting their IT and business assets from attack.

“Symantec’s ATP solution leverages their massive cloud scale and machine-learning algorithms, with more than 2 billion messages scanned every day, providing the largest base of data from which to spot unknown threats before they can reach our mailboxes.”

Hackim Farrell Sr Manager of Product Management, Symantec: “The average cost of a successful spear-phishing attack is $1.8M*. Symantec Email Security cloud with ATP: Email from Cobweb provides the most comprehensive form of URL Protection. Its Real-Time Link Following provides inline link analysis and heuristics scanning, whilst its Click-Time Protection protects users against latently weaponized URLs.”

*Vanson Bourne, January 2016