June 06, 2011, 6:00 AM — It may be too late. I mean, consider the 100-million stolen customer accounts that made Sony famous, the spear-phishing that proved China pwns Google, the social engineering that proved Anonymous owns everybody.
The cracking may already have spread so far that all the serious crackers are going out of business because all the data with any value has already been stolen.
On the off chance that hasn't happened yet and there are still some companies that realize they have to do more to secure themselves against spear phishing and social engineering than even pretty well-secured companies have been willing to do until now.
Today, security-services company Cyveillance is announcing a new security product designed to be installed easily, as an appliance, but take advantage of the company's real-time threat-management services to block social-engineering attacks through email.
Cyveillance's Social Engineering Protection Appliance (SEPA) plugs in to an email network inside the firewall but in front of a company's mail servers, analyzing email in real time to identify live links, requests for sensitive data and other markers for malicious phishing attempts.
The language Cyveillance uses to describe SEPA's process – email intent analysis -- makes it sound more unlikely than it is, but the process actually makes sense.
It bases its analysis on enormous sets of risk-analysis data Cyveillance gathers as part of the global threat intelligence service – which uses partnerships with ISPs, spam traps, real-time monitoring of threat reports and malware reports to build a database with enough range to give it a good chance to identify links inside email as malicious.
To catch previously unknown sites, SEPA stops email containing links it doesn't recognize, and finds out what would happen if a user clicked the links, by clicking the links itself.