New York Times targeted attack shows lack of capability of anti-virus

The advanced persistent threat (APT) suffered by the New York Times demonstrates the need for more than anti-virus.

As reported yesterday by SC Magazine, the New York Times suffered a targeted attack that lasted around four months after Chinese attackers were not happy with an article on out-going leader Wen Jiabao.

According to a statement from Symantec, whose anti-virus technology was used by the New York Times, "anti-virus software alone is not enough".

Symantec said: “Advanced attacks like the ones the New York Times described in the article underscore how important it is for companies, countries and consumers to make sure they are using the full capability of security solutions.”

Speaking to SC Magazine, Chris Jenkins, director of security at Dimension Data UK, said that he agreed with the statement, as APTs are not designed to be widespread. “Anti-virus needs to be smarter and broader to pick up what gets sent in and flag and alert on what is happening,” he said.

“With an APT, they are sophisticated and harder to track and understand, this is the way things have changed. They are far more targeted.”

David Garfield, managing director of cyber security at BAE Systems Detica, said: “As the New York Times article points out, traditional security technology such as firewalls and anti-virus do not stop these events. They were never designed to counter the type of bespoke targeted attacks by adversaries with a strategic interest in accessing an organisation's networks.

“Organisations shouldn't ask what their security tools are telling them, but ask what they are not telling them; that can only be done by monitoring and analysing their networks for evidence of compromise.”

Rob Cotton, CEO of NCC Group, said: “Although we can't blame this incident purely on the anti-virus software, the on-going issue is that signature-based anti-virus tackles a problem that was prevalent 20 years ago but is largely irrelevant to today's cyber threats. Security budgets must be spread across a range of mitigation strategies, such as thorough employee education, whitelisting authorised software, data loss prevention and third party security.”

Jenkins said that this and similar stories show a need for better collaboration between vendors, as they do not share data. Jenkins said: “Users are looking for anomalies of traffic and trying to signal activities, even if it is only happening to one. Users need to share information and while some are working together, this should happen more.

“CISOs share experiences and knowledge, but it would be good if vendors would come together and react as it will not mitigate the problem but it will accelerate the response. I don't know why vendors keep stuff to themselves or feed into their cloud.”
