Most cyber threats originate from outside networks and exploit known vulnerabilities. These attacks have been responded to via conventional security methods, such as with antivirus, firewall, and IPS solutions. However, more recent and sophisticated cyber-attacks have targeted organizations by injecting malware or files into web applications or email used by employees.
In 2012, Advanced Persistent Threat (APT) attack techniques evolved further to disguise executable files with common application icons, such as those representing a doc file. Users who believe that the file is safe then unwittingly launch a malicious executable by opening the file.
If you are to look at the entire threat landscape, roughly 80-85% of all threats today are “known”, there are signatures written to protect against them. However, it’s those 15-20% of new variants, never been seen before, zero-day threats that will make you tomorrow headline. There are 350K new malware samples found every day. Traditional security solutions such as Firewall, IDS/IPS, AV, Web & Mail Filtering are all signature based solutions and can only protect against those “known” threats.
Signature based solutions are still needed but Advanced Malware, Advanced Persistent Threat (APT), Data Breach Detection and Prevention solutions like our AhnLab MDS are now required to augment those legacy signature-based solution and are a part of your defense-in-depth strategy.