SOURCE: Cyberoam

January 23, 2008 11:11 ET

Q4 2007 Threats Bypass Traditional Network Security Solutions

Identity-Based UTM Solutions and Recurrent Pattern Detection Technologies Are Key to Providing Better Network Protection in 2008

NEWBURYPORT, MA--(Marketwire - January 23, 2008) - Cyberoam, a division of Elitecore Technologies and the leading innovator of identity-based Unified Threat Management (UTM) solutions, today announced the Q4 email threat trends of 2007 revealed a steep rise in attacks using social networking techniques targeting user psychology and behavior patterns. Spammers launched attacks by predicting user behavior patterns, such as looking for easy cash and discounted gifts during the holiday season, and preying on consumer trust to generate interest in cheap pharmaceutical products and stocks. Existing security solutions were unable to block the new spam formats and techniques, resulting in an alarming rise in spam levels reaching 96% by the end of 2007.

Spammers used the Storm Worm, an aggressive and self-preserving botnet, to generate, host and distribute large amounts of spam and malware in 2007. Consequently, the Storm Worm's massive outbreak accounted for 7-10 percent of all global spam traffic at its peak. Experts agree, however, that the worm has yet to reach its damaging potential. The Address Validation Spam sending seemingly harmless, incoherent or empty email messages from an unfamiliar address was used to validate the email addresses in the botnet owners' list. The 'clean' list was then rented out at a higher value to spammers and other cyber villains. Spam attacks in short, intense waves by the Stration malware maximized damage in the first few hours of the attack before anti-virus signature updates could be released.

Spammers gained financially by using traditional image spam techniques, promoting pharmaceutical products and pump-and-dump stocks with images that included non-clickable URLs and stock ticker symbols. Recipients interested in the products and stocks opened a web browser and manually typed in the URLs, driving up the sales of cheap pharmaceutical products and stock prices. Spam emails using holiday subject lines easily slipped past anti-spam filters and users' suspicions. These emails took users to malicious websites and attempted to download Trojan software. Most anti-spam solutions were ineffective, as blocking emails leveraging holiday-themed keywords often resulted in false positives.

The Q4 2007 Email Threat Trend Report, prepared in collaboration with Commtouch, revealed that botnets are becoming more sophisticated and difficult to control. Traditional IP blocking technologies are unable to maintain pace with the dynamic IP activation and deactivation of innumerable botnets.

"Spammers will be increasingly using such social networking tactics around topical events to fool users and anti-spam solutions in 2008," said Joshua Block, Vice President of North American Operations for Cyberoam. "Real-time protection against emerging spam attacks is important to protect the network. Security solutions must transcend the blanket and IP-based policy approach and enable organizations to track user activity and set user identity-based rules. Cyberoam's identity-based anti-spam solution using Commtouch's Recurrent Pattern Detection (RPDTM) technology is an answer for proactive defense against such spam outbreaks in 2008."

Cyberoam uses the Commtouch RPDTM technology to analyze large volumes of Internet traffic in real-time. Unlike traditional spam filters, it does not rely on email content, so it is able to detect spam in any language and in every message format (including images, HTML, etc.), non-English characters, single and double byte, etc. Its language and content agnostic nature enables it to provide effective spam blocking capabilities.

Cyberoam incorporates this technology within its UTM appliances, which deploy identity-based functionality across all of its features. A departure from traditional IP address-dependent solutions, Cyberoam determines precisely who is doing what in the network, providing IT managers with stronger policy control and clearer visibility of activity.

Cyberoam delivers a complete range of security features such as identity-based firewall, VPN, gateway antivirus, gateway anti-spam, intrusion detection and prevention, and content filtering, in addition to bandwidth management and multiple link management -- all over a single platform. Cyberoam UTM appliances offer integrated Internet security to over 1,000 enterprises globally, including corporations, educational institutions and government organizations.

Click here to read the full report on Q4 2007 Email Threat Trends

About Cyberoam

Cyberoam Identity-based UTM appliances offer comprehensive protection against existing and emerging Internet threats, including viruses, worms, Trojans, spyware, phishing, pharming and more. Cyberoam delivers the complete range of security features such as stateful inspection firewall, VPN, gateway anti-virus, gateway anti-malware, gateway anti-spam, intrusion detection and prevention, content filtering in addition to bandwidth management and multiple link management over a single platform. Cyberoam offers robust Internet security to corporations, educational institutions and government organizations worldwide, and its solutions are certified by the West Coast Labs with CheckMark UTM Level 5 Certification, ICSA Lab, an independent division of Verizon Business, and the Virtual Private Network Consortium. Cyberoam has also received the 2007 Global Excellence Awards for Integrated Security Appliance, Security Solution for Education and Unified Security, and the 2007 Tomorrow's Technology Today Award for Unified Security. Cyberoam has offices in the Newburyport, MA and India. For more information, please visit www.cyberoam.com

About Elitecore Technologies

Elitecore Technologies Limited is the global provider of Cyberoam UTM appliances. Elitecore's other divisions include Crestel Convergent Billing Solution that meets the voice, data, video billing and customer care requirements of Tier-1 service providers and 24online Billing and Bandwidth Management Solution for hotels, hotspots and Internet service providers. Elitecore has a strong R&D base and support center in India; it has sustained a healthy growth rate of over 100% since inception. For more information, please visit www.elitecore.com