ALTRON ARROW
from Cyber Security 2022
by 3S Media
PREVENT COMPROMISED FILE UPLOADS THREATENING YOUR BUSINESS
As cybercriminals become more ingenious, concealing advanced threats in common file types, so the need for a new type of security has arisen. CDR technology is that solution.
Although file uploads are necessary for employee productivity and for certain websites and web applications to perform their functions, they also offer an attack vector to cybercriminals. This is because, by concealing advanced threats that exploit vulnerabilities within common file types, attackers can compromise an end-user or an entire system.
Gyula Wendler, senior manager: Engineering at Altron Arrow, explains that document-borne malware is on the rise, meaning that any file entering an organisation’s network really should be audited and analysed, even when the sender seems to be a trusted, reliable source.
“Obviously, banning file uploads altogether would be impractical, so it is thus necessary to make file uploading and importing more secure, if companies are to function efficiently. This is where CDR technology comes in,” he says.
“CDR stands for content disarm and reconstruction, and is highly effective for preventing known and unknown threats. These include zero-day targeted attacks and threats that are equipped with malware evasion technology, such as fully undetectable malware, VMware detection, obfuscation and many others.”
Deep CDR
He notes that Altron Arrow recommends OPSWAT CDR technology – known as Deep CDR – which assumes all files are malicious. It ingests files and then regenerates these in a way that ensures the regenerated file is both usable and harmless. Basically, it provides protection without needing to know whether a suspected file is ‘good’ or ‘bad’.
Wendler indicates that CDR follows a three-step process:
• Files are evaluated and verified as they enter the sanitisation system, to ensure file type and consistency, with identification of over 4 500 file types. Each file is scanned to identify all embedded active content in the file and file extensions are examined to prevent seemingly complex files from posing as simpler ones. OPSWAT Deep CDR supports sanitisation for over 100 common file types, including PDF, Microsoft Office, HTML, many image file types, JTD, and HWP.
• The files are rebuilt in a fast and secure process. File elements are separated into discrete components, malicious elements are removed, and metadata and all file characteristics are reconstructed. The new files are recompiled, renamed and delivered, preserving file structure integrity so that users can safely use the file without loss of usability.
• The newly regenerated files can now be used. Even complex files remain usable – for example, animations embedded in PowerPoint files remain intact after the CDR process is completed. Finally, the original files are quarantined for backup and further examination.
By rendering fully usable files with safe content, the CDR engine protects organisations against the most sophisticated threats while maintaining user productivity.
“File uploads are a major potential threat vector for any business. Now, thanks to OPSWAT’s Deep CDR technology and Altron Arrow, there are concrete steps that organisations can take in order to mitigate this growing threat vector,” he concludes.
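The first step of the process described above (checking that a file's content matches its extension and locating embedded active content) can be sketched as follows. This is an added, simplified example, not OPSWAT's Deep CDR code; the function names, the small extension allow-list and the sample file are constructed for illustration.

```python
import io
import os
import zipfile

# Leading "magic" bytes of three common container formats.
MAGIC = {b"%PDF-": "pdf", b"PK\x03\x04": "zip",
         b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1": "ole2"}
# Container each allowed extension should use (illustrative allow-list).
EXPECTED = {".pdf": "pdf", ".docx": "zip", ".xlsx": "zip",
            ".pptx": "zip", ".doc": "ole2"}
# PDF name tokens that introduce active content (naive byte search).
PDF_ACTIVE = (b"/JavaScript", b"/OpenAction", b"/Launch")

def sniff(data):
    """Identify the container from its leading bytes, not its name."""
    for magic, kind in MAGIC.items():
        if data.startswith(magic):
            return kind
    return "unknown"

def inspect_upload(filename, data):
    """Return findings for one upload; an empty list means none."""
    findings = []
    ext = os.path.splitext(filename)[1].lower()
    kind = sniff(data)
    if EXPECTED.get(ext) != kind:
        findings.append(f"type-mismatch: extension {ext or '(none)'} but content is {kind}")
    if kind == "pdf":
        findings += [f"active-content: {t.decode()}" for t in PDF_ACTIVE if t in data]
    elif kind == "zip":
        try:
            names = zipfile.ZipFile(io.BytesIO(data)).namelist()
        except zipfile.BadZipFile:
            return findings + ["malformed: zip container does not parse"]
        for name in names:
            low = name.lower()
            if low.endswith("vbaproject.bin"):
                findings.append(f"active-content: VBA macro project {name}")
            elif "/embeddings/" in low or "/activex/" in low:
                findings.append(f"active-content: embedded object {name}")
    return findings

def make_zip(members):
    """Build a constructed OOXML-like sample in memory."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        for name in members:
            z.writestr(name, b"constructed sample")
    return buf.getvalue()

if __name__ == "__main__":
    macro = make_zip(["[Content_Types].xml", "word/vbaProject.bin"])
    print(inspect_upload("report.docx", macro))
```

A check like this only reports findings; the rebuild step of CDR does not depend on it, since every file is regenerated regardless of what the inspection flags.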
For more information, contact: Gyula Wendler, senior manager: Engineering gwendler@arrow-altech.co.za
COMPREHENSIVE PROTECTION FROM IOT SECURITY VULNERABILITIES
Altron Arrow has partnered with Check Point to deliver a complete solution to secure unprotected internet of things (IoT) devices from cyberattacks.
As digitisation continues apace, we are witnessing the rise of the ‘connected world’, where everything from IP cameras to company printers and coffee machines is connected to the internet. And the same holds true for industry-specific verticals, which require such solutions as connected medical devices or connected industrial or manufacturing robots.
The challenge here is this: as digital transformation increases, so do the attack surfaces for cybercriminals – and the IoT arena of connected devices is an extremely vulnerable space.
There is nothing these criminals like more than to find an under-protected angle of attack that allows them to access the business network, explains Gyula Wendler, senior manager: Engineering at Altron Arrow. Once in, he adds, they seek to disrupt services and operations, obtain financial gains – through ransomware attacks – or simply gain a foothold in sensitive networks.
“There are several reasons behind these devices’ IoT vulnerabilities, including the fact that such direct-to-internet connections make devices easily accessible over the web – often without any security countermeasures in place and no control by device makers over their deployment. Then there’s also the use of vulnerable third-party supply chain components and the fact that the devices are unmanaged and often can’t be updated for fixes,” he says.
“Altron Arrow provides a total end-to-end IoT solution for any industry. Of course, given the huge volume and variety of IoT devices, we understand that companies need an easy way to deploy security across all of them.
A key partnership
“We have partnered with Check Point for this very reason – its comprehensive IoT Protect Security solution uses automation and threat intelligence to provide device risk assessment, network segmentation, and threat prevention from the most sophisticated cyberattacks.”
He points out that the integrated solution prevents attacks at both an IoT network and device level – even on unpatchable devices. The solution delivers threat prevention and security management capabilities to block even unknown cyberattacks at both the network and device level, using threat intelligence and innovative IoT-specific security services.
“What companies leveraging the IoT really need is a way to undertake both a complete IoT device visibility process and a risk analysis. Check Point identifies and classifies IoT devices on any network – via integration with leading discovery engines – to expose risks such as weak passwords, outdated firmware and known vulnerabilities.
“Moreover, the solution is able to implement both vulnerability mitigation and zero-day threat prevention, even on devices that are supposedly unpatchable. These IoT devices can actually be ‘virtually patched’ in order to fix security flaws in firmware or legacy operating systems.”
He concludes: “Finally, it is worth noting that Check Point’s solutions for IoT cybersecurity are part of Check Point Infinity. This is the only fully consolidated, cybersecurity architecture that protects your business and IT infrastructure against Gen VI multivector ‘Nano’ cyberattacks – across networks, IoT devices, endpoint, cloud and mobile.”