
FireEye Unveils Solution to Thwart Spear Phishing Attacks

Email Security Appliance Provides Real-Time Analysis of Embedded URLs and Attachments To Protect Against Targeted, Socially Engineered Attacks

It can happen to anyone. Even Intel’s CEO, Paul Otellini, has been a victim of a spear phishing attack. At a Forrester security event in Boston this past fall, Intel’s CISO Malcolm Harkins shared a story of how its top executive fell victim to a targeted attack. In this case, the attacker decided to use public information from a lawsuit that Intel was involved in at the time. The attacker crafted clever emails, appearing to be from Intel’s attorney, and sent along some malicious attachments which Otellini decided to click on. It was from a trusted source, right? Wrong. In the end no significant harm was done, but the attacker was successful in penetrating one of the largest tech companies in the world and getting its top executive to do his part in helping the attack be a success.

FireEye, a provider of anti-malware solutions, announced today at the RSA Conference in San Francisco a solution designed specifically to protect against these types of spear phishing attacks. The new “FireEye Email Malware Protection System” helps stop targeted email attacks to prevent malware-induced network breaches and data theft.

Until recently, these types of targeted attacks, often referred to as Advanced Persistent Threats, were quite rare. Not anymore. “Consider the Operation Aurora attacks, which employed some of the tactics we touched on above. The Operation Aurora attacks targeted many companies, in addition to Google, such as Adobe Systems, Juniper Networks, Rackspace, Yahoo, Symantec, Northrop Grumman and Dow Chemical,” said Terry Cutler of Digital Locksmiths and a SecurityWeek columnist.

With the launch of the FireEye Email MPS, enterprises and government agencies can protect data and networks from recurring Modern Malware infections and advanced, persistent threats (APTs) that attack using malicious email content and attachments. “The Email MPS represents a new generation of messaging security protecting against email attacks using malicious URLs and attachments exploiting zero-day vulnerabilities,” said Ashar Aziz, CEO, CTO and Founder of FireEye. “FireEye’s integrated MPS solutions protect organizations across the Web and Email attack vectors.”

The solution features a Real-time Attachment and URL Analysis engine that evaluates emails for zero-hour malware using virtual machines running a cross-matrix of operating systems and applications, such as various web browsers and plug-ins. This dynamic analysis enables FireEye to detect and stop spear phishing email attacks aimed at known and truly unknown OS and application vulnerabilities. Using data collected from its Cloud Intelligence network, customers get security content about malicious attachments targeting zero-day vulnerabilities, malware callback channels, and URL blacklist updates. With blended attacks using email and the Web on the increase, it is critical to have a zero-hour, signature-less malware protection engine to analyze links in email as well as file attachments, such as PDF documents, Microsoft Office files, multi-media content, and other file formats.

“Using the FireEye Email MPS, we’ve been able to stop over three dozen separate spear phishing attacks over the course of two weeks,” said an IT administrator at a defense contractor, who asked to remain anonymous.

The FireEye Email MPS is an appliance that requires no tuning and deploys as an MTA (Message Transfer Agent), SPAN device, or as a BCC destination. The appliance is deployed behind an existing email control point such as an antispam gateway.

“While you read about how security threats have grown more menacing, it’s important to also remember that security defenses also have grown more powerful. The critical thing is to take the necessary steps to protect your infrastructure and your data. That’s where most businesses fall short. And it’s a mistake that is growing increasingly costly to make,” Cutler adds.


Available in the second quarter of 2011, pricing begins at $54,950 for the appliance, with per-seat licenses starting at $11.68 for a 5,000-seat organization.

Written By

For more than 15 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.
