New York Times targeted attack shows lack of capability of anti-virus

The advanced persistent threat (APT) suffered by the New York Times demonstrates the need for more than anti-virus.

As reported yesterday by SC Magazine, the New York Times suffered a targeted attack that lasted around four months, launched after Chinese attackers were unhappy with an article on outgoing leader Wen Jiabao.

According to a statement from Symantec, whose anti-virus technology was used by the New York Times, "anti-virus software alone is not enough".

Symantec said: “Advanced attacks like the ones the New York Times described in the article underscore how important it is for companies, countries and consumers to make sure they are using the full capability of security solutions.”

Speaking to SC Magazine, Chris Jenkins, director of security at Dimension Data UK, said that he agreed with the statement, as APTs are not designed to be widespread. “Anti-virus needs to be smarter and broader to pick up what gets sent in and flag and alert on what is happening,” he said.

“With an APT, they are sophisticated and harder to track and understand, this is the way things have changed. They are far more targeted.”

David Garfield, managing director of cyber security at BAE Systems Detica, said: “As the New York Times article points out, traditional security technology such as firewalls and anti-virus do not stop these events. They were never designed to counter the type of bespoke targeted attacks by adversaries with a strategic interest in accessing an organisation's networks.

“Organisations shouldn't ask what their security tools are telling them, but ask what they are not telling them; that can only be done by monitoring and analysing their networks for evidence of compromise.”

Rob Cotton, CEO of NCC Group, said: “Although we can't blame this incident purely on the anti-virus software, the on-going issue is that signature-based anti-virus tackles a problem that was prevalent 20 years ago but is largely irrelevant to today's cyber threats. Security budgets must be spread across a range of mitigation strategies, such as thorough employee education, whitelisting authorised software, data loss prevention and third party security.”

Jenkins said that this and similar stories show a need for better collaboration between vendors, as they do not share data. He said: “Users are looking for anomalies of traffic and trying to signal activities, even if it is only happening to one. Users need to share information and while some are working together, this should happen more.

“CISOs share experiences and knowledge, but it would be good if vendors would come together and react as it will not mitigate the problem but it will accelerate the response. I don't know why vendors keep stuff to themselves or feed into their cloud.”
