Security firms slow to react to spear phishing like that used in China hack

By Antone Gonsalves, CSO |  Data Protection

However, the problem is this requires a Symantec customer, for example, to add technology that should already be in the vendor's product. "Instead of having one solution that's able to address this problem, I now have to buy another point product to cover up what my existing technology has been failing at," Holland said.

The email security vendors are starting to play catchup, due to the success of FireEye and Damballa, Holland said. For example, Proofpoint released last spring analytics aimed at catching advanced malware used in spear phishing attacks.

Not everyone is sold on the need for expensive analytics. Many companies could improve security dramatically by strictly limiting, or removing, applications known to contain many vulnerabilities exploited by hackers, such as Java and Adobe Flash, said Al Pascual, an analyst at Javelin Strategy & Research.

In addition, companies could use less expensive email authentication technology that looks at the sending mail servers and the IP addresses of the sender to determine whether the email is legitimate, Pascual said.

Such technology uses the Sender Policy Framework (SPF) and the complementary DomainKeys Identified Mail (DKIM). Another anti-phishing technology released last year was the Domain-based Message Authentication, Reporting and Conformance (DMARC) framework.

"Unfortunately, it's been around for awhile, but not a lot of businesses are using it," Pascual said of the various technologies. "It's very underutilized."

Read more about malware/cybercrime in CSOonline's Malware/Cybercrime section.


Originally published on CSO |  Click here to read the original story.
Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Data ProtectionWhite Papers & Webcasts

See more White Papers | Webcasts

Answers - Powered by ITworld

ITworld Answers helps you solve problems and share expertise. Ask a question or take a crack at answering the new questions below.

Ask a Question
randomness