So your business uses Antivirus Software, you’re all set, right? Not so. The problem with traditional Antivirus Software is that it can only defend against known threats. In this article we’ll discover the monumental shift in the threat landscape and why mom and dad’s Antivirus Software just isn’t cutting it anymore.
Years ago the primary form of attacks were “generic malware,” a type of threat that is easily stopped by blocked by basic antivirus software. The thing is, today generic malware only makes up about 12% of cyberattacks. Wait…what’s the other 88%? As you see in the graph below, ransomware, email malware, and other advanced malware have become most common.
If you’re thinking maybe you’ll take your chances and hope you just get hit with Generic Malware, you might want to think again. According to the State of Endpoint Security Today Survey, 54% of organizations were hit an average of two times in 2017, and most organizations admit they have no exploit prevention capabilities.
Let’s break down what we mean by known vs. unknown threats:
Known:
Traditional security products are designed to act once they encounter something they know to be malicious. These are attacks that are already known to exist and measures have been taken to block that attack in the future. Unfortunately with traditional antivirus, there is always a gap between when threats begin causing trouble and when the vendors update their software to block against the attack moving forward.
Unknown:
To avoid being detected by antivirus software, hackers need to create a completely new threat. And they’re really good at it too. Sophos Labs has said they receive and process 400,000 previously unseen malware samples every day. They also say that three quarters of the malicious files they encounter are unique to a single organization.
How can you fight back against attacks that have never been seen before, and may never be seen again?
That’s where predictive security comes in. Predictive security utilizes deep learning technology to go much further than simply reacting to threats. If you ever talk to Siri, Alexa or Cortana – you’ve had personal experience with deep learning. In fact, it’s all around us from facial and voice recognition to self-driving cars and language translation. Deep learning is an advanced form of machine learning that was originally inspired by the way the human brain works. It can make predictions about data it has never seen based on the data it is trained on.
When deep learning is applied to the detection of malware and potentially malicious programs, it goes so much farther beyond what traditional antivirus is capable of. One of the solutions that utilizes predictive security is Intercept X by Sophos. Intercept X extracts millions of attributes about a file it’s analyzing and runs it through its deep learning model to determine whether the file is good or bad. This intelligent solution is highly effective at protecting against the unknown, stopping malware before it executes and denying the attacker their opportunity to leverage your data.
In January 2018, ESG Labs tested the latest version of Intercept X with real world advanced attacks. The results? “Intercept X stopped 100% of the exploit techniques that were missed by the traditional antivirus application.” – ESG Labs, A New Approach to Endpoint Security for Today’s Threats
“We haven’t found another product that can boast the high detection and low false positive levels of Intercept X” said Denney Fifield, Direction of Technical Services at Strong and Hanni.