Symantec Advanced Threat Protection: Email – Helping Businesses Protect Against Targeted Attack

Categories: Security & Backup

Email has become yet again the forum of choice for cyber attack. Symantec reports that in 2016 one in 131 emails was found to contain malicious content*. For the cybercriminal, it’s a method that’s been proven to work,  and doesn’t rely on exploiting a technology weakness, but rather on conning recipients into revealing personal details or accessing malicious links.

However, today fewer emails are sent and received generally, the number declining since 2012 – and the cybercriminal has been changing strategy as a result.

Previously they were taking a ‘spray and pray’ approach. But, particularly among a smaller pool, the greater the number of emails sent, the higher the risk of detection, and  it’s ‘low and slow’ for the cybercriminal today, with fewer – ‘targeted’ – emails sent to a refined, filtered list following up-front research into potential recipients. .

And although the number of emails sent and received across the world is reducing year on year, the number of malicious campaigns is increasing, and the growth of malicious targeted attacks is now one of the most alarming trends in today’s business world.

With targeted threats more difficult to check via traditional signature-based antivirus strategies, technology has been developing to create a new approach to detection.

With Symantec Advanced Threat Protection (ATP): Email, whether links are embedded within the body of an email or in an attachment multi-layered technologies and intelligence create the most effective protection against spear-phishing, targeted attacks, and other advanced threats.

  • Real-Time Link Following evaluates links in real-time before email delivery, blocking links that are malicious.
  • Click-Time URL Protection provides continued protection, for after email delivery, with links rewritten to point to Symantec servers, enabling evaluation when the link is ‘clicked’. Symantec ATP: Email is also set up to detect malicious links with time-based delay, whereby the link points to a legitimate site before evolving to link to a malicous destination, multiple redirects, shortened URLs, and hijacked URLs, when attackers create a fake version of a genuine ad.
  • Cynic cloud-based sandboxing and payload detonation provides further protection. Suspicious emails and attachments are securely evaluated within Symantec’s cloud infrastructure and undelivered if found to be dangerous.
  • Comprehensive reporting provides detailed feedback when a malicious campaign has been identified, targeting at business level or an individual within the business, and categorised according to type. Details covering the site to which the link was redirecting and the unique identifier of the file are also listed.

Michael Frisby, Vuzion MD: “Today’s evolving IT security threats require companies to adopt a more layered approach to protecting their IT and business assets from attack.

“Symantec’s ATP solution leverages their massive cloud scale and machine-learning algorithms, with more than 2 billion messages scanned every day, providing the largest base of data from which to spot unknown threats before they can reach our mailboxes.”

Hackim Farrell, Sr Manager of Product Management, Symantec: “The average cost of a successful spear-phishing attack is $1.8M**. Symantec Email Security cloud with ATP: Email from Vuzion provides the most comprehensive form of URL Protection. Its Real-Time Link Following provides inline link analysis and heuristics scanning, whilst its Click-Time Protection protects users against latently weaponized URLs.” 

*2017 Internet Security Threat Report (ISTR)

**Vanson Bourne, January 2016

Related Articles

How security offers growth opportunities beyond COVID-19 for the MSP

The COVID-19 pandemic has made home working the ‘new normal’, creating many IT opportunities - including for the cybercriminal.

Vuzion wins CRN Distributor of the Year (sub £250m) Award 2020

A fantastic recognition of the dedication and work of the teams here at Vuzion and the achievements and expertise of our partners.

Vuzion shortlisted for two CRN Distributor 2020 awards

Shortlisted for Distributor of the Year (sub £250m turnover) and Cloud Distributor of the Year.

Vuzion awarded Acronis Innovation award

Given for "exceptional innovation related to Acronis cyber protection solutions".