The spread and sophistication of cyberattacks have led to new issues when using existing security measures, such as the difficulty of detection. Even when detection is successful, advanced skills and a huge amount of manpower are required to analyse the results.
NEC has dealt with these issues by developing a service that applies artificial intelligence (AI) technology to counter unknown cyberattacks that used to be impossible to detect.
This service implements “detection” of unknown attacks over the entire attack process (from malware intrusion and the spread of infection inside a system to the achievement of an attacker’s aim such as theft of data).
After an attack, “analysis” is also undertaken, identifying the cause and extent of damage with a high degree of certainty.
A paper written by the team at NEC global covers the current status and issues of cybersecurity, the base AI technology of the service, and its main functions and features, together with the results of verifying how, and how much, the service solves these issues.
More sophisticated cyberattacks
As recent cyberattacks become more advanced and targeted, the amount of unknown malware used in the attacks is increasing. Included are those customised from the existing malware, known malware and ones that are custom-made for each target.
As a consequence, most of the pattern-matching type antivirus software that has been distributed and used widely as a typical information security measure has become almost ineffective. This is because pattern matching is a technology for detecting known malware and was not developed against unknown malware. According to tests conducted in-house at NEC, simply by modifying some known malware samples, the detection rate of pattern-matching type antivirus software decreased by as much as 85%.
Sandbox is a technology for detecting unknown malware. It runs a program suspected to be malware in a virtual environment isolated from the real network and determines whether or not it is malware based on its behaviour. However, malware makers have begun to counter the sandbox by implementing mechanisms for avoiding it. For example, some malware is now made not to run when it finds itself on a virtual machine.
As seen above, trying to increase the detection rate by identifying the malware itself has become a cat-and-mouse game with malware makers, and it has become impossible to maintain 100% detection.
Based on the situation described above, the paper written by the NEC global team introduces a service that detects attacks by using new techniques, instead of detecting them by knowing the malware in advance, and that also improves the efficiency of analyses after detection.
Solutions to counteract external cybersecurity attacks
In addition to using innovative technology like AI to counteract cybersecurity attacks, there are other methods that can be deployed to protect your business and network from cyberattacks. Some of these include:
Incident response solution
NEC offers a comprehensive service to help deal with an incident in a customer’s system involving fraudulent access or information leakage. The service includes immediate on-site initial incident response, investigating the cause of the incident and determining the right countermeasures to minimise immediate risk. You can read more about incident response and the steps required to put in place an active cybersecurity incident response plan in a recent blog.
Targeted attack countermeasure solution
This solution suggests countermeasures against a targeted attack that are tailored to a customer’s individual system environment and includes measures at all points of an internal network, at the entrance and exit points and within the network itself. The solution can also develop an environment to help pinpoint latent threats on a regular basis.
Email security enhancement solution
Security measures for both the sending and receiving of emails, including the detection and isolation of targeted attack emails and phishing mail and the detection and blocking of fraudulent mail transmissions from within a company to an outside source.
Security operations monitoring solution
Cybersecurity specialists at NEC’s security operation centre (SOC) monitor and analyse customer systems. The SOC will inform a customer swiftly if it detects any unusual activity or problems and helps navigate an initial response.
DDoS attack countermeasure solution
This solution suggests tailor-made countermeasures to prevent a DoS/DDoS attack crippling a system.
Web system security enhancement solution
Additional measures to help protect web systems from cyberattacks that target diverse web system vulnerabilities, because these types of attack cannot always be stopped by firewalls or intrusion defence and protection systems.
Multi-layered defences can help seek out and eliminate attacks
Targeted attacks often use unknown malware that cannot be detected and removed by conventional antivirus software. When a client PC in a company is infected by unknown malware, the infected client PC must be identified and immediate action taken. One measure that is effective against theft of information by this type of unknown malware is “multilayer defence.” NEC provides “multilayer defence” that combines technological measures that quickly detect malware activities with human-based services such as user education and monitoring services.
Combatting cybercrime in New Zealand
NEC New Zealand partners with strategic vendors to provide best-in-class Cyber Security solutions to our customers. Our expertise in Cyber Security and next-generation security platforms enables protection against advanced cybersecurity threats to protect today’s networks.
NEC provides core products that include advanced firewalls and cloud-based offerings that extend those firewalls to cover other aspects of Cyber Security. We tackle Cyber Security problems at a strategic level, providing solutions that address the increasingly complex Cyber Security threats that businesses face in their daily dealings. Our Cyber Security solutions include:
• Unified Threat Management (UTM)
• Intrusion Detection Systems (IDS)
• Intrusion Prevention Systems (IPS)
• Endpoint Protection
• Web Application Firewall
• Network Access Control (NAC)
• Identity and Access Management (IAM)
Find out more about cybersecurity solutions from NEC New Zealand and get in touch with one of the team today.