By: Ally Benoliel, Marketing Communications Manager
Wrapping up 2018 in one of the noisiest and most fascinating industries, I noticed that cyber-attacks are becoming an increasing issue and combating them is becoming more and more challenging. At Deep Instinct, we focused a large part of our marketing efforts, on creating content around the most pressing issues in cybersecurity today.
Take a look at some of our top picks.
Prevention is back!
While the number of security vendors has increased dramatically lately, not only did the security landscape not improve as you would expect it do, but it is doing much much worse. More and more enterprises are being compromised with attacks originating on the endpoint.
How can this be explained?
Well for one, there are over 350K machine-generated malware appearing daily, and while there are tons of security solutions, none are offering actual security.
If we look back, we can see an evolution in the approaches led by security solutions:
Back in the 90’s when the malware was known, the approach was to prevent it. But with time, as the sophistication of malware continued to evolve, the industry gave up on the innovation of prevention technologies and moved into a detect-and-respond mode.
Thankfully, with innovative technologies available, we can now revive the concept of prevention, even for unknown attacks. With deep learning, we are reinventing and redefining cybersecurity “prevention” to its original classification: The idea that you can prevent attacks from happening.
To learn more, download this free whitepaper: Reinventing Cybersecurity Prevention with Deep Learning: Endpoint Cybersecurity Evolution
Be Fearless When it Comes to Fileless Malware Attacks
Cyber criminals are constantly looking for new and sophisticated ways in which to avoid being detected and successfully perform a malicious attack. This was most evident in the past few years. Apart from the rise in ransomware attacks, there has also been an increase in the amount of fileless attacks, which pose a threat to organizations and challenge for security solutions due to the use of sophisticated attack techniques and various non-executable file formats.
The definition of what is considered fileless attack is wide, as the term “fileless attack” encompasses several possible attack scenarios, only some of which don’t write any files to disk, while very few scenarios are completely fileless.
To learn about the anatomy of fileless attacks, and get an in-depth explanation of the challenges and solutions involved, download this free whitepaper: Making Sense of Fileless Malware
The Rise of New Sophisticated Evasive Malware
In the last few years we have seen various ways of spreading malicious code, one main infrastructure of spreading malware being the dark web.
In June 2018, one of Deep Instinct’s researches, Tom Nipravsky, noticed a highly complicated botnet (number of internet-connected devices, where the owner can control them using command and control servers), which was detected and prevented in one of our client’s live environment and devices – by our deep learning cybersecurity solution.
This highly sophisticated botnet, dubbed MyloBot (named after Tom’s dog) incorporates different malicious techniques and complexities.
To read the full analysis of how Mylobot works, download this research paper: Meet Mylobot - A Sophisticated Never-Seen-Before Botnet
The Increased Need for MSSPs
Today, more and more cyber-attacks are targeting industry sectors and organizations of all sizes, and the potential damages have increased the awareness for advanced security services by MSSPs (Managed Security Service Providers) in order to stay protected.
But for MSSPs to block the most advanced threats, they are required to adopt innovative technologies, such as advanced EPP solutions that are “MSSP ready”, meaning they can be managed in a multi-tenant environment. Currently, there are very few advanced security solutions that can be be managed in such an environment.
In Deep Instinct’s latest release, version 2.2, Deep Instinct added the ability for MSSPs and large enterprises to manage all entities from the same instance and management console along with more capabilities required for MSSPs.
To learn more, download this free whitepaper: Multi-tenancy security solution for MSSPs
Obliviousness Around Employee Mobile Security
Employees need to be aware that their mobile device is a vulnerable endpoint that can harm their employer and cause significant damage. Awareness that their device on which they use company resources, can cause significant damage resulting in millions of dollars of losses. By raising employee awareness of the risks and vulnerabilities, up to a third of cyber-attacks targeted from mobile devices on organizations and companies can be prevented.
This cannot be denied or ignored anymore, companies must ensure that their employees are well-informed when it comes to mobile threats and learn how to manage situations that may develop, insuring the company’s security. This all begins with AWARENESS.
Read more here: 6 KEY WAYS TO RAISE EMPLOYEE MOBILE THREAT AWARENESS
The Need for AI-based Solutions
From ransomware, to spyware and banking trojans, the types of malware threats are many. Yet the one threat that seems to be posing the greatest challenge to organizations and their cybersecurity solutions is unknown malware.
This is because the means that have most typically been used to counter cyber threats to date remain insufficient when it comes to unknowns.
Yet, the demand for beating the threat of unknowns is only getting bigger as the threat continues to grow at a dizzying pace.
There is one approach, though, that overcomes the pitfalls of other means, as it is inherently designed to handle unknown malware. This approach is deep learning.
For a quick recap – deep learning is the most advanced branch of artificial intelligence today. Its learning method is inspired by the way the human brain learns – taking in all the data and learning from it automatically and intuitively.
Deep learning is the first — and currently the only — learning method that is capable of training directly on raw data. There is no need for feature engineering with deep learning, as is needed with machine learning. To the contrary, deep learning can dive into the raw data of the file, without explicitly being told to pay attention to certain features, which have been specified by human experts.
Moreover, deep learning scales well to hundreds of millions of training samples. As the training dataset gets larger and larger, deep learning continuously improves. And the third aspect of deep learning that makes it unique is its ability to pick up on patterns and correlations in the raw data that are too complex for any human or AI to pick up on.
Thus, its unique approach to training and learning endows it with both intuitive and predictive capabilities – which is probably one of the most critical capabilities for picking up on unknown threats. For, if you can’t ‘know’ in advance what it is, you must be able to predict what it is.
To learn more about the power of deep learning, download our Deep Learning Book for Dummies.
Summary
The cybersecurity domain never ceases to amaze me. With more and more solutions, more and more attacks and the continued cat and mouse chase between defenders and attackers, we are always kept on our toes.
My hope is that 2019 will bring a better understanding to the market, that cybersecurity may not be bullet-proof, but with innovative cutting-edge technologies, you can get pretty darn close to it.