"I had no idea my network printers are talking to China!" exclaimed Gary Woodward, network administrator of the West Memphis School District in Arkansas. This is a typical reaction when customers first install ThreatSTOP and find that their network is infested with botnets and active malware from all the rogue places primarily in Eastern Europe and China. This is their "Houston, we've got a problem!" moment. See the case study for more details.
The surprise and shock come from 3 misconceptions:
1. There is still a lack of general awareness about the vastly different nature of botnets and active malware and the damage they can do compared to virus and spam which are yesterday's nuisances. The whole category of botnets, active malware and advanced persistent threats are the primary security problems of the day and the foreseeable future.
2. "I've got XYZ that's protecting me already." In WMSD's case, Gary thought he was protected by Vyatta’s NAT (network address translation), a M86 content filter administered statewide by the state, and a free OpenDNS as a backup. In fact, time and time again, wherever we go, we find very bad stuff lurking inside a customer's network regardless of what they were using as security solutions. Cisco, Symantec, Checkpoint, SonicWall, Palo Alto Networks, doesn't make a difference. That's why we say that the current products, which are primarily signature and packet inspection-based, are ineffective in catching this "new" class of malware. They were designed for the old class of problems and give a false sense of security. We call them the "70% and 3 days late" solutions.
3. Finally, there is naivete. "Why should someone from Latvia attack me? I've got nothing valuable!" Welcome to the reality of sophisticated criminal syndicates from around the world attacking anyone connected to the Internet with impunity almost for free using victims' own computers. Talk about the perfect crime! While the Fortune 1000 organizations can afford the best security money can buy--and even they are not immune to breaches--it is the vast number of small-medium organizations that are prime targets of cybercrime precisely because they don't have the resources and the vigilant attitude. Two stats suffice here:
1. Visa reports that 95% of credit card data breaches come from small issuers.
2. Verizon and the U.S. Secret Service reported that the % of reported attacks on SMEs (small-medium enterprises) rose from 27% to 63% from 2009-2010.
What's the message? There are 3:
1. Botnets/active malware is the network problem of the day that is not solved by the prevailing security products in the market.
2. Everyone is a a target and potential victim, especially small organizations. Lack of awareness, naivete and a false sense of security are dangerous and expensive attitudes to have.
3. ThreatSTOP offers the most cost effective cloud service based on IP Reputation that solves this big problem by enabling your existing firewalls to block bad traffic bidirectionally. It can be deployed within the hour and protect you immediately. You can sign up for a free trial right on www.threatstop.com.