FIREEYE CYBER ADVANCED SECURITY SOLUTIONS FOR NEW BREED CYBER ATTACKS

Transcription

1 White Paper FIREEYE CYBER ADVANCED SECURITY SOLUTIONS FOR NEW BREED CYBER ATTACKS FireEye www. Fireeye.com

2 Executive summary This white paper presents the advanced security solutions designed by FireEye to protect organizations like yours from the new generation of cyber-attacks. FireEye has thousands of customers from more than 40 countries, including more than 20% of the Fortune 500. [xii] Traditional defenses mainly focus on known cyber threats while FireEye can provide real-time, dramatic threat protections against unknown threats. The purpose of this white paper is to introduce a new approach to protect your business as well as value gain. Cyber security has become the biggest concern for web-based companies in recent years. Cyber attackers have been working intensely to break into systems, looking for private data and information. Breaches of information system can be the trigger of destroying a company reputation. For long-term development, cyber security issues cannot be ignored. Many big companies are willing to spend millions of dollars on cyber security because this necessary cost is negligible comparing with the tremendous loss after one cyber-attack. For the past ten years, FireEye has guarded its customers against new breed cyber-attack and has provided unique customized services to the companies who highly rely on their cyber security. With its advanced security solutions and top security experts, FireEye has received valuable positive feedbacks from its customers and win annually the prestigious technology innovation awards. [xix] FireEye provides comprehensive services on cyber security. It can shield your data center, stop attacks via mobile devices, get fast malware analysis, block malicious file or provide local authentication. FireEye Platform Benefits: FireEye Multi-Vector Virtual Execution (MVX) engine can detect malicious code with different potential environmental variable Hardened proprietary hypervisor can execute automated malware analysis Multi-flow analysis can find malicious code missed by basic file inspection FireEye System Health Monitoring Report can score your security status Real-Time Protection can share suspicious attacks on real-time basis by using the powerful FireEye DTI cloud. [xx] You can enjoy the easy-to use integrated services of detection, analysis, monitoring and solution provided by FireEye to guard your network and data. FireEye is highly-adaptable, so it can be convenience to install without affect your current system. Its detection rate is 99.14% which is much higher than the average detection rate in cyber security industry. Besides, you can use the FireEye System Health Monitoring Report to improve your system s performance and make your security system more robust to defense future attacks. The existing Anti-virus software have an average detection rate less than 5% to new virus, which are vulnerable and outdated. To defense your organization s reputation and secure your data, you will need an updating security system. Otherwise, it is completely wasting your time and money. As the malicious cyber-attacks have been escalated recently that the existing defenses are not powerful enough to stop such attacks. FireEye is doing research on new technologies to fight against cyber-attacks and commit to serve our customers best interest more professionally and efficiently.

3 Introduction Cyber Security: Challenges/Problems How much does your data cost? Businesses store endless amounts of data ranging from internal organization s data to customer information. Small, medium, and big companies face the same cyber-attacks and threats. [iii] What is a cyberattack? A cyberattack is deliberate exploitation of computer systems, technology-dependent enterprises and networks. Cyberattacks use malicious code to alter computer code, logic or data, resulting in disruptive consequences that can compromise data and lead to cybercrimes, such as information and identity theft. [xiv] Cyber attacks are not only damaging the reputation of the company, but they are also costly. The statistic shows the amount of damages caused by cyber crime reported from 2001 to In 2001, the annual total loss of complaints reported approximately 17.8 million U.S. dollars and grew to million U.S. dollars in 2013, as shown in Figure 1. [iv] There are two categories of cybercrime: one that targets computers or network directly such as attacks, malware, and viruses; another one uses social engineering to perform fraud and identity theft. [ix] As of June 2014, 23% of annualized costs caused by cyberattacks were due to malicious code and 18% of those costs were caused by denial of service, as shown in Figure 2. [v]

4 Market Driver In recent years, breaches of information systems have become increasingly common, causing widespread concern over the safety of private company data and personal information of customers. The immense amount of data produced and stored by businesses around the world is a gold mine for hackers. As businesses continue to implement new technology to improve their operations, cyber attackers will increase their attempts to infiltrate the systems of businesses to gain access to that data. During the holiday season of 2013, Target was hit by a major cyberattack that compromised 40 million debit and credit cards in addition to 70 million names, addresses, s, and phone numbers. Attackers were able to steal this information by installing malware into Target s security and payments system, enabling them to capture credit and debit card number when scanned at the register. Target spent $61 million responding to the breach and saw sales in the following holiday season drop by 46 percent [xvi]. Following the crisis faced by Target, JP Morgan Chase & Co. s computer servers were breached in what would be the largest cyberattack on a bank in history. Approximately 76 million households and 7 million small businesses were affected by the breach. Hackers were able to gain access to names, addresses, phone numbers, and s of customers. In response to the attack, JP Morgan is spending $250 million on cybersecurity [xviii]. In addition to the Target and JP Morgan Chase & Co., hackers were able to breach the information systems of Neiman Marcus, Home Depot, and Michael s, compromising the credit and debit cards of millions of customers. As a result of these breaches, customers are concerned

5 that their personal information is at risk and are questioning whether or not companies have taken the necessary precautions to protect their systems from cyberattacks [xviii] According IBM, there were 1.5 million monitored cyberattacks in 2013 alone. With the increasing use of cloud computing, wireless networks, and mobile devices to move data, these attacks will only increase [xii]. IBM expects a 12% year-to-year increase in security events and in Cisco s 2014 annual security report, Cisco s IntelliShield showed a 14% increase in threat alerts from 2012 to 2013 [ii]. In order to protect themselves from future attacks, businesses need to invest in effective, thorough, and strong security measures. If left without adequate protection, the information systems of businesses can be breached by attackers, compromising sensitive business information and customer information. Such attacks can leave businesses at a major loss. Solutions Why is it important to protect your network and data? To defend your company's reputation to maintain public trust and confidence in your company to protect against legal liability to secure your customers' sensitive data What FireEye can do for you FireEye has top security experts with the most advanced technology and latest knowledge working 24/7 to monitoring your systems and networks. With this combination, you have the best tools to identify, prevent, examine, and find a solution of the attacks quickly compared to the traditional approaches. [vi] Data Center Security o Your data centers store tremendous of sensitive information about your organization and customers. As the amount of data increase, the threats against them also increase. o Why our data center security solutions: Shield data centers from advanced persistent threats and sophisticated malware found in content stores, web and application servers, and common file shares [v] Stop attacks entering centers via mobile devices and portable storage [v] Receive on-target analysis to pinpoint possible gaps that need addressing [xiv] Protect your key assets and prevent attacks with products and services that work together [v] Prevent attacks with an adaptive cyber security strategy [v] Safeguard your organization from attacks that use web servers and other data center infrastructure to host malware [v] Detect threats quickly to reduce lag time before resolution [v] Get reliable, fast malware analysis with our patented Multi-Vector Virtual Execution engine [v]

6 Provide continuous, dynamic, non-disruptive resolution to incidents [v] The FireEye Network Security NX series enable organizations to prevent, detect, and respond to exploit attempts, web downloads, and advanced malware that routinely bypass conventional defenses [ix] o Achieve a detection rate of 99.14% by Delta Testing [i] o Monitor, detect, and block malicious files, web and threats o Perform daily analyses and reports back to your host servers o Respond quickly to prevent attacks, fraud, and identity theft

7 Preventing a Cyber Attack: Customer Examples Since 2004, FireEye has provided cyber security solutions to dozens of banks. In this section, we are going to discuss in detail about how we helped the Citizens Bank of Texas, Finansbank and the Bank of Thailand prevent Cyber Security Attacks. Citizens Bank of Texas Citizens Bank of Texas is the third largest independent bank in Teas with over 150 employees and over $550 million in assets [vii]. the challenges that the bank faced were that Maintain its commitment to protecting sensitive client data against increasingly sophisticated Web-based attacks Identify a proactive and preventative approach to handling threats that addresses shortcomings in existing security portfolio Protect against attacks launched from Web browsing and malicious URLs in messages Avoid impact to employee productivity caused by having to take desktop devices offline to resolve security issues After accessing the Citizens Bank of Texas challenges, implementing the FireEye Web Malware Protection system would be the best solution to fix the Citizens Bank of Texas challenges. The benefits that the FireEye Web Malware Protection system provided are that it proactively detects malicious threats without the need to take employees offline. In addition, the solution would detect web- based and weakness before the attack could happen. Here was the feedback that s we received from the Citizen Bank after we implemented our solution.. According to Wade Jones, CIO of Citizens Bank of Texas, FireEye s Solution was immediately evident and we felt that FireEye Web Malware Protection System represented the final piece in the puzzle to lock down our infrastructure [vii]. Additionally, Jones told FireEye that the solution detected embedded malware and immediately started blocking approximately 200 callbacks. If any of these reached their intended target they could have severely compromised the banks system [vii]. Finansbank Finansbank is a TurkishBank that has a broad array of subsidiaries such as asset management, information technology and financial applications. The challenges that this bank faced were that Detect and mitigate Web-based threats that have bypassed existing traditional security measures Accommodate Finansbank s diverse, distributed infrastructure and support detailed offline analysis of malware components After careful consideration of the banks challenges, we decided to install the Network Security appliance. This solution benefited Finansbank by fully protecting their complex network environment against attacks and the ability to archive suspected malware attacks. The Network

8 Security appliance easily integrated with Finansbank s existing security information event management system [viii]. The feedback that we received was from Mert Sarica, Senior penetration tester. He said that After all of our testing was conducted we felt confident that this was the right approach to safeguard the bank from advanced malware, zero-day and targeted attacks [viii]. Mert Sarica then went along to say that Security and data integrity are mission- critical imperatives for Finansbank; having FireEye in our infrastructure just makes us more secure-period [viii]. Bank of Thailand The Bank of Thailand is Thailand s national bank. This bank is in charge of formulating the monetary policy and the money supply for their country. The challenges that the Bank of Thailand faced were Staying ahead of issues that could endanger the bank s mission Identifying and blocking unknown cyber threats that are missed by traditional defenses Preventing the potential compromise of critical operations and data Since the Bank of Thailand was had such a big infrastructure we had to implement 4 of our FireEye solutions. The solutions included, FireEye Network Threat Prevention Platform, FireEye Threat Prevention Platform, FireEye Central Management and FireEye Threat Intelligence. These solutions benefited the bank of Thailand by detecting and preventing cyber threats easier and being able to monitor the entire system [vi]. Once all of our solutions were implemented and tested here is what their Senior Director of the Information Technology department said about our solutions Best practice is no longer good enough when it comes to cybersecurity. The world has changed dramatically. The reality of what we face is a world with an extraordinary array of new security challenges. From proof of value to implementation, Bank of Thailand chose FireEye technology to manage advanced protection [vi]. Conclusion FireEye has been protecting 5 of top 6 US telecom companies, 5 of the top 10 financial institutions, 7 of top 10 energy companies, 7 of top 10 high-tech companies and 5 of top 10 aerospace/defense contractors. [xv] A powerful cyber security system can increase value to your organization. As you may notice, Banks always have high expectations on their cyber security systems. In the cases above, FireEye has satisfied those requirements and keep a good relationship with our customers from various backgrounds. It has been ten-years for us to seek new technologies and keep leading cyber security industry. FireEye is honored to help you improve your cyber security system and promises to provide you re the world-class services with our top cyber security team. Your business will benefit from using our Web Malware Protection system that can protect your system from malicious attacks and fix problems quickly. We can offer you a three-month new customer experience package for free. And FireEye is confident to assist you to become one of the top successful companies in the world. The first step for success is to make us you top choice. You can also design your own service with us.

9 Visit www. Fireeye.com to view more details about our products. We are looking forward to hear from you and be part of your success.

10 Citations i. A New Approach to Assessing Advanced Threat Solutions. N.p.: n.p., n.d. Web. 29 Jan ii. Cisco 2014 Annual Security Report (n.d.): Cisco. Web. 27 Jan < iii. Cyber crime: Reported damage to the IC Statistic. (n.d.). Retrieved January 29, 2015, from < iv. Cyber Crime - Statistics and Market Data Statista. (n.d.). Retrieved January 29, 2015, from v. Data Center Security FireEye. (n.d.). Retrieved January 29, 2015, from < vi. FireEye.(2014). Bank of Thailand Chooses FireEye Technology to Manage Advanced Protection [PDF file]. Retrieved from < vii. FireEye. (2014). Citizens National Bank of Texas Increases Advanced Cyber Attack Protection with FireEye [PDF file]. Retrieved from < viii. FireEye. (2014). Leading Turkish Financial Services Provider, Finansbank, Safeguards Its Growing Global Presence with FireEye Network Security (NX) [PDF file]. Retrieved from< ix. FireEye As A Service. (2014, January 1). Retrieved January 29, 2015, from < x. FireEye Network Threat Prevention Platform. (2014). Retrieved January 29, 2015, from xi. FireEye Wins CRN Enterprise App Award for Security. 2014, December 8, from < xii. "IBM Statistics on Data Breach Epidemic." IBM. N.p., Apr Web. 27 Jan <

11 xiii. Jon Clay (Trend Micro). Big Data Analytics and the Smart Protection Network. August xiv.percentage of annualized cyber crime cost for U.S. companies 2014 Statistic. (2014, June 30). Retrieved January 29, 2015, from < for-us-companiesby-attack-type/> xv. Protecting Your Data, Intellectual Property, and Brand from Cyber Attacks. Retrieved January 29, 2015, from< xvi.riley, Michael, Ben Elgin, Dune Lawrence, and Carol Matlack. "Target Missed Warnings in Epic Hack of Credit Card Data." Bloomberg.com. Bloomberg, 13 Mar Web. 26 Jan < xvii. THE FIREEYE ADVANTAGE: A New Security Approach for Today s Advanced Attacks. from< xviii. Veiga, Alex. "JPMorgan Breach Is 'Crisis Point' For Banks." The Huffington Post. TheHuffingtonPost.com, 3 Oct Web. 26 Jan < xix. What is a Cyberattack? - Definition from Techopedia. (n.d.). Retrieved January 29, 2015, from xx. (2012, April 26). Retrieved January 29, 2015, from < is- it- important-to-protect-informationand-personal-data>