Security Market Segment LS
Tuesday, 01 November 2016 18:31

Symantec creates world’s largest GIN

By

Symantec has combined its threat intelligence and Blue Coat Threat Intelligence into its Global Intelligence Network (GIN). This creates the security industry’s largest and most diverse set of threat data combining threat data results in 500,000 additional attacks being blocked for Symantec customers every day.

And the power of this new data is evident to all from a micro (consumer) to macro (enterprise level). Two new attack campaigns and 137,000 new phishing campaigns have been uncovered.

“Symantec research teams have unparalleled visibility into the entire threat landscape, including the most advanced attacks, and Blue Coat researchers have been categorising, mapping, and fingerprinting the Internet with a view into the darkest parts of the web and malware tradecraft,” said Greg Clark, chief executive of Symantec.

“By fast-tracking the integration of the threat intelligence capabilities from Symantec and Blue Coat, Symantec products are now blocking 500,000 additional attacks per day for our endpoint, email, and Web security customers. Drawing out those kinds of results from data is only possible by using artificial intelligence, which gives our threat researchers a vastly augmented ability to spot attacks earlier than anyone else.”

The creation of the joint GIN brings significant enhancements to Symantec’s threat intelligence capabilities made uniquely possible by integrating Symantec and Blue Coat’s security telemetry and applying the data-crunching force of artificial intelligence that is needed when analysing numbers reaching into the trillions.

The GIN monitors more than nine trillion elements of security data, providing unparalleled visibility and protection for Symantec customers across their entire environments. Symantec now protects 175 million consumer and enterprise endpoints, 163 million email users, 80 million Web proxy users, and processes nearly eight billion security requests across these products every day.

The integration provides the foundation for Symantec’s Integrated Cyber Defence Platform, which allows Symantec products to share threat intelligence and improve security outcomes for customers across all control points. Symantec is the only vendor to connect endpoint, email, and Web protection across a single integrated intelligence platform.

The combined Symantec-Blue Coat threat telemetry has led to a series of significant protection improvements as well as discoveries of new attack campaigns. Examples cited by the company include:

Improved protection from sharing threat telemetry

Symantec and Blue Coat products are now automatically exchanging millions of malicious files and URL threat indicators daily. For example, when a ProxySG Web gateway installation at any customer site uncovers a brand new malicious file or URL, this telemetry is shared via the cloud with every Symantec Endpoint Protection and Norton Security deployment, thereby providing this same protection for all Symantec Endpoint Protection and Norton customers. Similarly, when an installation of Symantec Endpoint Protection or Norton Security discovers a new malicious file or URL, this intelligence is shared with all ProxySG installations, so that those customers can immediately benefit from the discovery of this new threat. This telemetry-sharing system is fully operational and has resulted in Symantec products blocking 500,000 additional attacks every day for the endpoint, email, and Web security customers.

New cyber espionage campaign discovered

After the cyber espionage agreement between the US and China was signed in September 2015, it was believed that the China-based cyber espionage group Buckeye had largely stopped their attack operations. Only through the combined threat intelligence of Symantec and Blue Coat did Symantec determine that the Buckeye group was still highly active, and had set their sights on a new target – Hong Kong political organisations. Symantec’s combined teams uncovered new spear-phishing emails targeting 13 political entities in Hong Kong leading up to the Hong Kong elections. These discoveries have allowed Symantec to enhance its protection capabilities against the Buckeye group’s campaigns, while also alerting customers to the re-emergence of this attack organization.

Sophisticated financial heists revealed

Symantec and Blue Coat’s combined telemetry led to the revelation that, since January 2016, a series of campaigns involving malware called Trojan.Odinaff has targeted roughly 100 financial institutions worldwide, including investment brokerage houses, consumer banks, and ATM networks. The Odinaff attack is unusual in that once attackers infiltrate a victim’s financial institution, they spend time learning about the exact capabilities of the target organisation, e.g., trading platforms, money wire capabilities, ATM networks, etc. Then the attackers execute an attack plan leveraging the specific capabilities of the compromised organisation, for example, withdrawing funds, making trades, or transferring money via the SWIFT wire transfer system. To date, the Odinaff attack group has stolen millions of dollars from victim institutions.  

Changing the game on anti-phishing

To combat the increased threat to enterprises and consumers from phishing emails, Symantec has developed technology that analyses new websites in real-time by comparing them to screenshots of known phishing sites. Leveraging machine learning and advanced image analysis, the technology is applied to more than 1.2 billion Web requests each day and has uncovered 137,000 new phishing campaigns since its release. New phishing sites identified by this system are now being blocked across Symantec’s endpoint, email, and Web security product portfolio.


Subscribe to ITWIRE UPDATE Newsletter here

PROMOTE YOUR WEBINAR ON ITWIRE

It's all about Webinars.

Marketing budgets are now focused on Webinars combined with Lead Generation.

If you wish to promote a Webinar we recommend at least a 3 to 4 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site itwire.com and prominent Newsletter promotion https://itwire.com/itwire-update.html and Promotional News & Editorial. Plus a video interview of the key speaker on iTWire TV https://www.youtube.com/c/iTWireTV/videos which will be used in Promotional Posts on the iTWire Home Page.

Now we are coming out of Lockdown iTWire will be focussed to assisting with your webinatrs and campaigns and assassistance via part payments and extended terms, a Webinar Business Booster Pack and other supportive programs. We can also create your adverts and written content plus coordinate your video interview.

We look forward to discussing your campaign goals with you. Please click the button below.

MORE INFO HERE!

INTRODUCING ITWIRE TV

iTWire TV offers a unique value to the Tech Sector by providing a range of video interviews, news, views and reviews, and also provides the opportunity for vendors to promote your company and your marketing messages.

We work with you to develop the message and conduct the interview or product review in a safe and collaborative way. Unlike other Tech YouTube channels, we create a story around your message and post that on the homepage of ITWire, linking to your message.

In addition, your interview post message can be displayed in up to 7 different post displays on our the iTWire.com site to drive traffic and readers to your video content and downloads. This can be a significant Lead Generation opportunity for your business.

We also provide 3 videos in one recording/sitting if you require so that you have a series of videos to promote to your customers. Your sales team can add your emails to sales collateral and to the footer of their sales and marketing emails.

See the latest in Tech News, Views, Interviews, Reviews, Product Promos and Events. Plus funny videos from our readers and customers.

SEE WHAT'S ON ITWIRE TV NOW!

BACK TO HOME PAGE
Ray Shaw

joomla stats

Ray Shaw ray@im.com.au  has a passion for IT ever since building his first computer in 1980. He is a qualified journalist, hosted a consumer IT based radio program on ABC radio for 10 years, has developed world leading software for the events industry and is smart enough to no longer own a retail computer store!

Share News tips for the iTWire Journalists? Your tip will be anonymous

WEBINARS ONLINE & ON-DEMAND

GUEST ARTICLES

VENDOR NEWS

Guest Opinion

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News

Comments