
If the headlines remind us of anything, it’s that hackers are always on the hunt, using the most cutting-edge tools to breach and infiltrate networks and assets. This week, reports of a new ICS-specific malware, called CrashOverride or Industroyer, have hit the headlines. Industroyer’s critical differentiator is that it uses known protocols in the way they were designed to be used. These protocols, designed decades ago, were not developed with security in mind, because they were isolated from the outside world. Abusing them therefore only requires that attackers teach their malware “to speak” the language of the protocol. This is where Hillstone Networks provides real value in mitigating attacks in these environments.

To prevent and mitigate malware threats, Hillstone Networks offers the following prevention methods against Industroyer:

  • Anti-Virus Detection Engine – In the virus spread stage, the Anti-Virus detection engine scans the traffic of multiple protocols (HTTP, SMTP, POP3, IMAP4, etc.) and matches known virus files and loading programs against the most up-to-date library. The engine can also use the URL reputation library to detect downloads and external connection behaviors and block them.
  • Cloud Sandbox – The Hillstone Cloud Sandbox provides targeted prevention against derivative variant files. Cloud Sandbox extracts unknown files from traffic, simulates the file execution environment, and dynamically monitors and analyzes the execution behavior of these unknown files. If an unknown file starts attack-like behavior, Cloud Sandbox captures that behavior and classifies the file as malware.

To learn more about the Hillstone Networks layered security platform, please take a look at Hillstone Product Portfolio or talk to Hillstone technical experts.
