Symantec Advanced Threat Protection: Email – protecting the business against targeted attack

Ross MacKenzie
Tags: Symantec

The growth of malicious targeted attacks is one of the most alarming trends in today’s business world.

With fewer emails sent and received generally – declining in number since 2012 according to Symantec – cybercriminals have been evolving new methods of targeting organisations.

They’ve moved away from a ‘spray and pray’ approach, as the greater the number of emails sent, the higher the risk is of detection. Today, up-front research enables a recipient list to be refined, resulting in fewer – ‘targeted’ – emails, and the ‘low and slow’ approach.

And while the number of emails sent and received across the world is reducing year on year, the number of attack campaigns is increasing – a growth of 55 percent in 2015 alone – with email the most common method of attack. Traditional signature-based antivirus strategies are less effective against these more targeted threats and a different approach is therefore required to detect them.

Symantec Advanced Threat Protection (ATP): Email incorporates multi-layered technologies and intelligence to deliver the most effective protection against spear-phishing, targeted attacks, and other advanced threats, whether a link is contained within the body of an email or as part of an attachment.

Real-Time Link Following evaluates links in real-time to block those that are malicious before an email is delivered, while Click-Time URL Protection continues protection for delivered emails. Links are rewritten to point to Symantec servers to enable evaluation of the link when ‘clicked’. Advanced Threat Protection: Email also addresses malicious links with time-based delay (pointing to genuine sites before evolving to link to malicous destinations), multiple redirects, shortened URLs, and hijacked URLs (when an attacker creates a fraudlent version of a genuine ad).

The Cynic cloud-based sandboxing and payload detonation solution provides further protection with suspicious emails and attachments being safely evaluated within Symantec’s cloud infrastructure and undelivered if found to be dangerous, and the ATP solution provides comprehensive reporting to deliver highest level visibility.

Michael Frisby, Cobweb MD: “Today’s evolving IT security threats require companies to adopt a more layered approach to protecting their IT and business assets from attack. 

“Symantec’s ATP solution leverages their massive cloud scale and machine-learning algorithms, with more than 2 billion messages scanned every day, providing the largest base of data from which to spot unknown threats before they can reach our mailboxes.”

Hackim Farrell Sr Manager of Product Management, Symantec: “The average cost of a successful spear-phishing attack is $1.8M*. Symantec Email Security cloud with ATP: Email from Cobweb provides the most comprehensive form of URL Protection. Its Real-Time Link Following provides inline link analysis and heuristics scanning, whilst its Click-Time Protection protects users against latently weaponized URLs.”

*Vanson Bourne, January 2016

Related Articles

New Microsoft Teams features announced in time for second UK lockdown

Discover the latest Microsoft Teams meeting, calling and chat features that are coming this Autumn.

Read More

Cobweb shortlisted for two 2020 CRN Channel awards

We're shortlisted for CRN Cloud Services Provider of the Year, which we were delighted to receive in 2019, and SMB Reseller of the Y...

Read More

Cobweb MD named in LDC Top 50 Business Leaders ‘One to Watch’

"The leaders behind tomorrow’s mid-sized firms, growing innovative and resilient businesses, and making a big impact on their custom...

Read More

What is Microsoft Azure and why does your business need it?

Andrew, a Cloud Solution Architect, looks at what Azure is, why businesses should use it, and some Azure misconceptions he has heard...

Read More