    Sandbox Gateway Appliances- Advanced Breed Of Security Solutions

    Sanjay Katkar, CTO, Quick Heal


    Over the past few years, spear phishing attacks via highly targeted messages have been the primary vector of successful data breaches. More than 90% of successful attacks on enterprise networks are the result of spear phishing methods. This has led to the rise of a new breed of security solutions: Sandbox-Based Gateway Appliances. Such a solution provides advanced malware detection for incoming emails in the form of an easy-to-use Sandbox appliance. It launches every incoming email attachment in a secure virtual environment to monitor its runtime behavior. If it detects any malicious activity, a red flag is raised. The results of this technology have been positive so far, and many zero-day Advanced Persistent Threats (APTs) have been detected and blocked by this approach. As a result, several business enterprises are turning to such Advanced Threat Protection Sandbox-Based Gateway Appliances for their network security.

    So does the implementation of this security measure signal the end of APTs and data breaches within enterprises? The early success of such Sandbox-Based appliances can be attributed to the fact that malware variants were never designed with such protection mechanisms in mind in the first place. Instead, these samples were focused on breaching traditional antivirus and firewall solutions, against which attackers tested and planned their attacks. This enabled them to breach traditional security solutions with zero-day attacks very frequently. But now that more enterprises are using these Advanced Threat Protection Sandbox-Based appliances, new malware variants are being designed with the aim of penetrating this specific protection mechanism.

    Sandbox execution, or virtual environment execution, has its own limitations, which are specifically targeted by advanced next-generation malware. A major limitation is that Sandbox Gateway Solutions can only execute and monitor executables for a limited time. They cannot wait endlessly to observe and detect malicious behavior as and when it arises. This key limitation is quite easy to take advantage of, and today’s malware samples simply wait for more than 10-15 minutes before they start their malicious activity. In other words, they go to sleep and keep the executable's behavior looking normal for the initial 10-15 minutes.
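
The time-boxing limitation above has a defensive consequence: a run that ends with no alert is not necessarily clean. The following added example (not from the article or from any appliance vendor) scores constructed behaviour traces and returns "inconclusive" when requested delays outlast or dominate the observation window; the event format, the 300-second window and the 0.8 idle ratio are assumptions.

```python
from dataclasses import dataclass


@dataclass
class Event:
    t: float          # seconds since the sample was launched
    kind: str         # "sleep", "file_write", "net_connect" or "alert"
    arg: float = 0.0  # for "sleep": requested delay in seconds


def verdict(events, window_s, idle_ratio=0.8):
    """Classify one time-boxed sandbox run as malicious, inconclusive or clean."""
    if any(e.kind == "alert" for e in events):
        return "malicious", "behavioural alert raised inside the window"
    sleeps = [e for e in events if e.kind == "sleep"]
    # A delay that ends after the window closes hides whatever follows it.
    for e in sleeps:
        if e.t + e.arg > window_s:
            return "inconclusive", f"sleep at {e.t:.0f}s outlasts the {window_s}s window"
    # Many short delays can add up to the same effect.
    idle = sum(e.arg for e in sleeps)
    if idle >= idle_ratio * window_s:
        return "inconclusive", f"idle for {idle:.0f}s of {window_s}s"
    return "clean", "no alert and no significant stalling observed"


# Constructed traces, not real appliance output. WINDOW_S is an assumed setting.
WINDOW_S = 300
TRACES = {
    "invoice.doc": [Event(3, "file_write"), Event(12, "alert")],
    "report.pdf": [Event(2, "sleep", 900)],  # single 15-minute delay
    "notes.xls": [Event(30 * i, "sleep", 30) for i in range(9)],  # 270 s idle
    "minutes.txt": [Event(3, "file_write"), Event(20, "sleep", 5)],
}


def classify_all():
    """Return {attachment name: label} for every constructed trace."""
    return {name: verdict(ev, WINDOW_S)[0] for name, ev in TRACES.items()}


if __name__ == "__main__":
    for name, ev in TRACES.items():
        print(name, *verdict(ev, WINDOW_S))
```

Attachments that come back "inconclusive" are candidates for further inspection by other protection layers rather than automatic delivery.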

    Another limitation is that several complex vulnerability exploits are triggered only in particular environments, which are hard to recreate in virtual environments. For example, a specific exploit will work only if a particular version of Adobe Reader is used on a particular version of Windows running a specified Service Pack. Such a situation will be hard to emulate in a Sandbox environment. These targeted APTs are expertly designed by conducting a deep and thorough study of the targeted organizations. They are made for situations wherein these specific environments can be recreated at endpoints that are suitable for vulnerability exploits. Such targeted APTs will be extremely hard to detect in simulated or virtual environment executions. Moreover, newer malware variants are also designed to proactively detect whether they are being executed in a virtual machine or on an actual machine.

    At the Quick Heal Threat Research Labs, we have come across a new malware sample that was able to breach this Sandbox protection. It successfully worked its way around this mechanism and reached a user’s inbox without getting detected. Detailed analysis of this sample revealed that it has been designed to infect highly protected networks. It also has several anti-virtual machine and anti-Sandbox tricks implemented within it. This malware was reported on 4th August and it has been named APT1508-04. We believe this discovery signals a new pattern wherein malware authors will devise new methods to invade Sandbox appliances, and then these appliances will release improved versions to combat them. Hence, Sandbox appliances will end up in a similar situation as that of the prevailing endpoint security industry.

    We are in the midst of analyzing this APT threat further, and will be releasing a detailed analysis report soon. What this attack has taught us is that even the most advanced Sandbox-Based appliance protection can be breached. As a result, enterprises need to consider and implement multiple layers of protection to safeguard their networks. While the network breaches of the last few years have raised concerns about the effectiveness of endpoint security protection, future breaches are also sure to raise the question - Can Sandbox appliances provide reliable protection against APTs?
