By John Stevenson

The authors of financial trojans are now repacking their malicious software into a unique executable for each potential victim, avoiding any and all signature-based detection, and doing so on an unprecedented scale.

Concealment techniques such as polymorphism and steganography are becoming increasingly popular because they are the most effective way for the criminal to succeed. They are hard, and indeed at times impossible, to stop with traditional detection-based cyber security defences. They give the bad guy the maximum “zero day window” in which to perpetrate an attack.

But if anti-virus products can't detect this malware, how can organisations protect themselves? The answer lies in bolstering the existing perimeter cyber security defence with a technology that eliminates the threat by transforming all business content as it passes over the boundary. Transformation removes threats such as those concealed using polymorphism and steganography by intercepting all business content (documents and images), extracting the business information from it and creating brand new documents and images for onward delivery. This approach is a game changer when it comes to dealing with sophisticated and indeed undetectable attacks because nothing is trusted, everything is transformed and the threat is eliminated.
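To make the extract-and-rebuild idea concrete, here is an added sketch (not code from any product described in this post) that transforms a binary PPM image: it reads only the pixel values and writes a brand-new file around them. The choice of PPM, the name `transform_ppm`, the size limit and the decision to reset the lowest bit of every sample are assumptions made for this illustration.

```python
import re

# Binary PPM (P6) header: magic, width, height, maxval, separated by
# whitespace or "# comment" lines, then exactly one whitespace byte.
_SEP = rb"(?:\s|#[^\n]*\n)+"
_HEADER = re.compile(rb"P6" + _SEP + rb"(\d{1,5})" + _SEP + rb"(\d{1,5})"
                     + _SEP + rb"(\d{1,5})\s")
MAX_PIXELS = 4096 * 4096  # assumed upper bound for this sketch


def transform_ppm(untrusted: bytes) -> bytes:
    """Return a new P6 file built only from the pixel values of `untrusted`."""
    m = _HEADER.match(untrusted)
    if not m:
        raise ValueError("not a binary PPM")
    width, height, maxval = (int(g) for g in m.groups())
    if maxval != 255 or not 0 < width * height <= MAX_PIXELS:
        raise ValueError("unsupported image parameters")
    size = width * height * 3
    raster = untrusted[m.end():m.end() + size]
    if len(raster) != size:
        raise ValueError("truncated pixel data")
    # Carry over the picture only: keep the 7 high bits of each sample and
    # reset the lowest bit (assumed normalisation; a common hiding place).
    pixels = bytes(b & 0xFE for b in raster)
    # The header is written from scratch, so comments are gone, and any
    # bytes that followed the raster are never copied.
    return b"P6\n%d %d\n255\n" % (width, height) + pixels


# Constructed sample: 2x1 image with a header comment, odd low bits and
# extra bytes appended after the pixel data.
SAMPLE = (b"P6\n# note\n2 1\n255\n"
          + bytes([201, 100, 51, 10, 11, 255]) + b"APPENDED")

if __name__ == "__main__":
    print(transform_ppm(SAMPLE))
```

The output never reuses a byte of the original container: the function does not decide whether the input is malicious, it simply delivers a new image that carries the same picture.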

Best practice here has to be deploying transformation-based cyber security defences at every perimeter ingress and egress point including mail, Web browsing, Web Services applications and managed file transfers.

For more information on the content threat and the importance of content transformation, see our tech paper on this website.

