In the last year, hackers have stolen more than 500 million financial records without ever entering a building -- and nearly 80% of businesses don’t even realize they’ve been hacked. Why? Because targeted attacks that pinpoint specific individuals within a company are very difficult to detect. In a targeted attack, cybercriminals attach an infected file to a harmless looking email. Since the infected file looks as if it’s coming from a trusted source (through social engineering), employees are tricked into opening the attachment, unaware they just exposed the company to a sophisticated malware attack. One email could put a company at risk. If an attachment contains a zero-day threat -- a piece of malware never seen before – the threat can exploit a vulnerability on an employee's computer, allowing the attackers to have open access to the system.
With the recent rash of zero-day vulnerability exploits, we’re encouraging Symantec Messaging Gateway customers to ensure the Disarm feature is activated in your software. Symantec designed Disarm specifically to block targeted attacks and sanitize email attachments before they reach intended recipients. Symantec's Disarm technology, which began shipping with Symantec Messaging Gateway version 10.5 in November of 2013, blocks zero-day vulnerability threats embedded in Microsoft Office and Adobe .pdf attachments – including the recent Sandworm vulnerability exploiting PowerPoint attachments.
If you’re a Symantec Messaging Gateway customer, you can disarm these types of targeted attacks. Symantec’s Disarm technology removes active content from attachments that could be exploited by attackers. The cleaned document is reconstructed and reattached to the email, and then delivered to the recipient. Your critical information stays safe and protected from targeted attacks and other forms of malware. For more information about the Disarm feature and how to activate it, see our support document, Disarming Potentially Malicious Content.
Additional Resources:
VIDEO: Protect Against Email Targeted Attacks with Symantec Disarm Technology
BLOG: Disarm Advanced Persistent Threats with Symantec Messaging Gateway
BLOG: Attackers Circumvent Patch for Windows Sandworm Vulnerability