It’s no secret that endpoint protection solutions based on “black list” technologies are having a hard time keeping up with the constantly proliferating varieties of malware currently in the wild. Just how hard, though, became clear in WatchGuard’s most recent quarterly internet security threat report, which found that fully 46 percent of all the malware variants to pass across the vendor’s radar during the last three months of 2017 were “zero-day” attacks not detectable by signature-based anti-virus solutions.
Put differently, that means anyone relying exclusively on traditional anti-malware products is exposing their endpoints to massive quantities of dangerous attacks. One reason why, according to WatchGuard Chief Technology Officer Corey Nachreiner, is rising use among cybercriminals of “packing” techniques that can make old threats resemble new and harmless software.
“They can jumble up the binary so that it looks different as it’s passing over the network or as a file landing on your computer,” he says. “When they unpack on your computer, it’s still the same old WannaCry, but there’s literally hundreds of thousands of different checksums, or hashes, for that same WannaCry.”
No software can possibly keep track of all those hash values, he continues, which means that deploying solutions that use real-time behavioral analysis rather than black lists to spot threats has gone from wise idea to absolute necessity.
“We keep it around because it’s a fast way to catch the noise, but it’s dead as far as we’re concerned,” says Nachreiner of signature-based protection technology. “If you don’t have behavioral protection, you’re missing half the malware.”
More Galleries like This
Sadly, but not surprisingly, ransomware has victimized lots of SMBs in the past year, according to a new study from Datto. The same research points to some encouraging trends, however.
Spook your customers into purchasing the robust security solutions they all should be using with the help of these truly frightening data points from leading security vendors.
Experts from KnowBe4, Malwarebytes, Sophos, Trend Micro, WatchGuard, and Webroot explain why cryptomining is becoming bigger than ransomware, signature-based security is dead tech walking, and artificial intelligence is giving the good guys a fighting chance.
A new report from the security vendor reveals ransomware to be the biggest but far from only significant threat plaguing businesses presently.
The security vendor foresees less ransomware, more business email compromise scams, and a dangerous increase in attacks on industrial infrastructure control systems.