Escolha uma Página

If the headlines can remind us anything, it’s that hackers are always on the hunt, using the most cutting edge tools to breach and infiltrate networks and assets. This week, reports of a new ICS-specific malware, called CrashOverride or Industroyer , has hit the headlines. Industroyer’s critical differentiator lies in the fact that it uses known protocols in the way they were made to be used. These protocols, designed decades ago, were not developed with security in mind, as they were isolated from the outside world. Therefore, hacking into these protocols simply means that attackers only need to teach their malware “to speak” the language of the protocol. This is where Hillstone Networks provides real value in mitigating attacks in these environments.

To prevent and mitigate malware threats, Hillstone Networks offers the following prevention methods against Industroyer:

  • Anti-Virus Detection Engine – In the virus spread stage, the Anti-Virus detection engine scans the traffic of multiple protocols (HTTP, STMP, POP3, IMAP4, etc.) and matches the detection of known virus files and loading programs according to the most updated library. Meanwhile, the Anti-Virus detection engine can use the URL reputation library to detect downloads and external connection behaviors to block them.
  • Cloud Sandbox – The Hillstone Cloud Sandbox can provide targeted prevention towards derivative variant files. Cloud Sandbox extracts unknown files in traffic, simulates the file execution environment, and dynamically monitors and analyzes the execution behavior of these unknown files. If these unknown files start attack-like behaviors, Cloud Sandbox can capture this behavior and determine the files as malware.

To learn more about the Hillstone Networks layered security platform, please take a look at Hillstone Product Portfolio or talk to Hillstone technical experts.

Hillstone Adds Botnet C&C Prevention to StoneOS

Vulnerability Notification: Microsoft Windows Shell Zip File Remote Code Execution

Vulnerability Notification: Cisco Adaptive Security Appliance Webvpn XML Parser Double Free

Announcing Enhancements to Hillstone Networks CloudView

Announcing the Hillstone Server Breach Detection System 2.1

Vulnerability Notification: Adobe ColdFusion Deserialization

Vulnerability Notification: Oracle WebLogic Server XmlAdapter Deserialization

Statement on Vulnerability: Hillstone Networks does not use Intel Processors in its NGFW

Hillstone Responds to Bad Rabbit Ransomware