Safely Detonate That Malware

I like the potential of the FireEye Malware Protection System (MPS).

Unlike traditional signature-based malware protections like antivirus, firewalls, and intrusion prevention systems (IPS), FireEye is an additional security layer that uses a dynamic Multi-Vector Virtual Execution (MVX) engine to detonate even zero-day attacks from suspicious files, web pages, and email attachments.

According to Bloomberg Businessweek, Target’s implementation of FireEye detected the malware attack on Nov 30, 2013 and it alerted security officials, but allegedly “Target stood by as as 40 million credit card numbers–and 70 million addresses, phone numbers, and other pieces of personal information–gushed out of its mainframes”over two weeks!

In fact, FireEye could’ve been set to “automatically delete [the] malware as it’s detected” without human intervention, but “Target’s team apparently “turned that function off.”

FireEye works by “creating a parallel computer network on virtual machines,” and before data reaches its endpoint, they pass through FireEye’s technology. Here they are “fooled into thinking they’re in real computers,” and the files can be scanned, and attacks spotted in safe “detonation chambers.”

Target may have been way off target in the way they bungled their security breach, but using FireEye properly, it is good to know that attacks like this potentially can be thwarted in the future. 😉

[Note: this is not an endorsement of any product or vendor]

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s