undetected attacker inside an organisation is around 191 days, whereby the lowest was 24 and the highest was 546 days. The more time a cybercriminal has to widen their attack vector, the more they can elevate their privileges, extract data and dissect data. This enables further manual ransomware injection and backdoors into the organisation to be built, not to mention using spyware to look for company trade secrets or intellectual property. If these secrets get out, the company might be in danger of being bankrupted.

“WHEN PEOPLE BRING THEIR OWN DEVICE TO WORK, MANAGING THAT DEVICE BECOMES A LOT MORE COMPLICATED.”

Is it possible to return an endpoint to a healthy state AND minimise the impact to the end-user?

Absolutely. That is what we have been doing for over eight years and that is the work that is still driving our company and products. As most professionals out there will know, we are cleaning up what other vendors are/were unable to stop. This has transformed over the years into the simple fact that everything that we can clean up, we could have prevented in real-time.

How do Malwarebytes’ solutions detect and block threats?

We do this with a blend of above-mentioned technologies we call Multi-Vector Protection. This provides a layered approach, including both static and dynamic detection techniques across the entire attack chain.
This approach provides protection against all types of threats from traditional viruses to tomorrow’s advanced threats. More details on our layered approach:

Web protection: Prevents access to command and control (C&C) servers and malicious websites

Application hardening: Reduces the vulnerability surface, making the endpoints more resilient. Proactively detects fingerprinting attempts made by advanced exploit attacks

Exploit mitigation: Proactively detects and blocks attempts to compromise application vulnerabilities and remotely execute code on the endpoint

Application behaviour protection: Ensures applications behave as intended, preventing them from being leveraged to infect endpoints

Anomaly detection machine learning: Proactively identifies unknown viruses and malware based on anomalous features from known good files

Payload analysis: Identifies entire families of known malware by using a combination of heuristic and behavioural rules

Ransomware mitigation: Detects and blocks ransomware from encrypting files using signature-less behavioural monitoring technology

Linking Engine: Proprietary, signature-less remediation technology that identifies and thoroughly removes all threat artefacts associated with the primary threat payload

Malwarebytes Cloud Platform: Console provides centralised policy management and consolidated threat visibility across all endpoints globally. Also enables asset management capabilities

Are there any new advanced threats that have recently appeared on the scene?

Cryptomining is the obvious threat to talk about. Cryptomining could even be described as a prevalent and opportunistic threat. Despite the fact that in the last quarter three new ransomware (disruptive threat) families emerged (GandCrab, Scarabey and Hermes, to learn more on those, download the Q1 Cybercrime Tactics and Techniques report under: https://go.malwarebytes.com/CTNTQ1FY19.html), cryptomining has risen to become a huge threat vector. The hijacking by hackers of UK government websites to mine crypto-cash shows how mainstream it has become.

Yet companies are unprepared for this type of attack. Our Malwarebytes Labs CT&T Q1 report found that malicious cryptomining had increased on a grand scale, across all platforms, devices, operating systems and in all browsers. Macs and mobile devices are not exempt; criminals have even used the cryptocurrency craze for social engineering purposes.

“AN ARTIFICIAL INTELLIGENCE LAYER IS NOWADAYS STANDARD AND NEEDED.”

INTELLIGENTCIO