


Keeping up with technology is a change that everyone in today’s business world recognizes. New iPods, iPads, eReaders that have Internet access, the latest smartphones, computers, laptops and tablet PCs, HDTV, 3D-HDTV, newer – faster – better! Who doesn’t like to get new things?! Well, being the first or among the first to get a zero-day attack problem is not one of those firsts that you want to have.
What is a zero-day attack?
A zero-day attack (sometimes called a zero-hour attack) is a threat to computers. This threat tries to exploit problems in an operating system or application that have been discovered but may be unknown to the company that wrote that software. These exploits come from software that uses a security hole in an application or operating system to carry out its attack. You will often read of a ‘toolkit’ that hackers have shared to exploit a problem before the vendor of the targeted software has a chance to patch that software.
What about anti-virus / anti-malware software?
I have both anti-virus software and anti-malware software and I keep my system and applications loaded with the latest patches and updates so I don’t have to worry about a zero-day attack…right? Wrong! While keeping your system up-to-date is important, it simply will not protect you from a zero-day attack.
Justin Rattner, Intel's chief technology officer, said the problem is that today’s state-of-the-art software and appliances that look for attacks are ‘signature-based’. This type of malware detection is based on searching for known patterns within malicious code, and therein lies the problem: zero-day, or brand-new, malware attacks are often successful because they have no known signatures to guard against.
Something new is on the horizon
Rattner told Computerworld on January 25th that scientists at Intel are working on security technology that will stop all zero-day attacks. He said this new security technology won't be signature-based like so much security software and hardware appliances are today.
Stop all zero-day attacks. That is a very bold statement, but in light of Intel’s track record for innovation and the nature of Rattner’s announcement, I dug a bit deeper. As expected, Rattner gave few details about this new security technology other than that he hopes it will be ready to be released this year.
"I think we have some real breakthrough ideas about changing the game in terms of malware," Rattner said. "We're going to see a quantum jump in the ability of future devices - whether PCs or phones or tablets or smart TVs - to defend themselves against attacks."
Now the acquisition of McAfee by Intel back in August 2010 comes into perspective.
Are there any details?
Just a few. Rattner said, "Right now, anti-malware depends on signatures, so if you haven't seen the attack before, it goes right past you unnoticed."
This new approach is "radically different".
"We've found a new approach that stops the most virulent attacks. It will stop zero-day scenarios. Even if we've never seen it, we can stop it dead in its tracks," he said.
The article in Computerworld also quotes Dan Olds, an analyst with The Gabriel Consulting Group. Olds said that if this technology works as Justin Rattner says, it could be a major advance for computer security.
"If Intel has hardware technology that can reliably stop zero-day attacks, that would be a huge win in the war against malware," Olds said. "The key is that it's reliable. It has to have the ability to discern legit software from malware. But if they can pull this off, it would give them quite a competitive advantage vs. AMD."
Needless to say, there will be a lot of eyes on this one to see if they really can pull it off.
What do I do for now?
Well, there are several things you can do for now to keep yourself safe. They are the same things that have been suggested by security experts for years, but they are worth repeating.
1) Keep your operating system patched and up to date. If you are months behind on applying the patches and fixes then you are months behind on problems that have been fixed.
2) Keep your applications patched and up to date – same as above.
3) Upgrade your applications and operating system to the latest and greatest systems if you can. Keep in mind that some old programs may not work as expected or may not work at all. Also keep in mind that upgrading may require more RAM and hard drive space at a minimum but may also require a completely new PC or laptop.
4) Use anti-virus, anti-malware, firewalls and whitelisting. Using this layered approach when the above steps are followed gives you the best protection available now!
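To make the signature-based detection described earlier and the whitelisting in step 4 concrete, here is an added example (not from the original article or from any vendor's product) that runs both checks over the same files. The file contents, the MARKER-A pattern and all function names are constructed for illustration.

```python
import hashlib

def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

# Constructed byte strings standing in for program files (not real samples).
KNOWN_BAD = b"constructed file 1 -- MARKER-A -- already analysed by the vendor"
APPROVED = b"constructed file 2 -- approved accounting tool v1"
SAMPLES = {
    "known_bad": KNOWN_BAD,
    "known_bad_padded": KNOWN_BAD + b"\x00",   # same pattern, new hash
    "never_seen": b"constructed file 3 -- brand-new code, no signature yet",
    "approved_app": APPROVED,
    "approved_app_update": b"constructed file 2 -- approved accounting tool v2",
}

# Signature database: built only from files that were already seen.
SIGNATURE_HASHES = {sha256(KNOWN_BAD)}
SIGNATURE_PATTERNS = [b"MARKER-A"]

# Whitelist: hashes of the only programs permitted to run.
WHITELIST = {sha256(APPROVED)}

def signature_scan(data: bytes) -> str:
    """Default-allow: block only what matches a known hash or byte pattern."""
    if sha256(data) in SIGNATURE_HASHES:
        return "block"
    if any(pattern in data for pattern in SIGNATURE_PATTERNS):
        return "block"
    return "allow"

def whitelist_check(data: bytes) -> str:
    """Default-deny: allow only files whose hash is on the approved list."""
    return "allow" if sha256(data) in WHITELIST else "block"

def evaluate(samples: dict) -> dict:
    """Return {name: (signature verdict, whitelist verdict)}."""
    return {name: (signature_scan(d), whitelist_check(d))
            for name, d in samples.items()}

if __name__ == "__main__":
    for name, verdicts in evaluate(SAMPLES).items():
        print(f"{name:20} signature={verdicts[0]:5} whitelist={verdicts[1]}")
```

The never_seen row is the zero-day case: the signature scan allows it while the whitelist blocks it. The approved_app_update row shows the cost of whitelisting, since a legitimate update stays blocked until the list is refreshed.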
Have a topic you would like to see addressed?
One thing for certain is that the only thing constant is change, and there is always something new to learn. If you have a topic you would like to see addressed, I welcome your feedback.
All product names / logos, company names / logos are copyrights of their respective holders. John Boline is an MCSE, MCTS, CNE, USE, a member of the Network Professional Association and the Microsoft Partner Research Panel.
The content herein is often based on late-breaking events. Much of the material is based on information from sources that are believed to be reliable. Hagerman & Company, Inc. disclaims all warranties as to the ultimate accuracy or completeness of the information. Hagerman & Company, Inc. and its employees shall have no liability for errors, omissions or inadequacies in the information contained within this article or for any interpretations thereof. The recommendations, positions and best practice policies outlined herein represent Hagerman & Company, Inc. initial analysis and therefore are subject to change as further information which may have bearing on these positions is made available. The reader assumes sole responsibility for the selection of these materials to achieve its intended results. The opinions expressed herein are subject to change without notice. Hagerman & Company, Inc. assumes no obligation to update the forward-looking statements made in this newsletter to reflect any change in circumstances, after the date of publication.
Entire contents © 2010, Hagerman & Company, Inc. All rights reserved. Reproduction of this publication in any form without prior written permission is forbidden.
This page last edited on Friday, March 11, 2011