IBM touts anomaly detection to counter smarter hackers
By Caroline Donnelly
Posted on 25 Apr 2012 at 09:24
Traditional firewalls and antivirus are no match for increasingly sophisticated hacking attacks, IBM has claimed, as the company announced its “anomaly detection” hardware.
Speaking to our sister site IT Pro at Infosecurity Europe in London, Marc van Zadelhoff, vice president of strategy and product management at IBM Security Systems, said there had been a marked rise in hackers bypassing firewalls over the past year.
“What we saw in 2011 were hackers that were able to install themselves on servers, protected by firewalls and antivirus,” said van Zadelhoff.
“They then start to flow out data, a few bits at a time, to a receiver on the outside of the organisation.”
Hackers could be sending out customer details to an FTP or IP address you don’t usually do business with, and you wouldn’t notice it without an anomaly detection system
To counteract this, the company has launched a new appliance, based on the technology acquired through its buyout of security intelligence software vendor Q1 Labs last October.
IBM said the QRadar Network Anomaly Detection device was designed to detect subtle abnormalities in network traffic, where malware may have been installed to send data to unauthorised destinations.
“[The hacker] could be sending out customer details to an FTP or IP address you don’t usually do business with, and you wouldn’t notice it without an anomaly detection system in place,” he said.
However, the company said the product was not designed to replace firewalls or antivirus, merely provide users with an extra line of defence for outgoing traffic.
- Is it worth upgrading a media centre to Windows 8?
- Flickr redesign: is it enough to tempt photographers back?
- Hands on with the new Google Maps
- Nokia Lumia 925 review: first look
- Why I won't subscribe to Creative Cloud
- GoPro camera strapped to a remote-control helicopter: the ultimate boy's toy
- Acer Iconia A1 review: first look
- Acer Aspire P3 review: first look
- Acer Aspire R7 review: first look
- How we produce the PC Pro podcast
- Yes, I write down my passwords
- How to deal with a ransomware attack
- How secure is your Wi-Fi network?
- How QR codes caught out the security pros
- Why I do not trust Do Not Track... yet
- The hard disks you can "secure" with a single-digit password
- Why I've started using a password manager
- Time to kill off CAPTCHA
- Are today's young people Generation I (for insecure)?
- Ransomware that's better made than antivirus software