SonicWall has expanded the capabilities of the patent-pending SonicWall Real-Time Deep Memory Inspection (RTDMI) technology to enhance protection against malicious PDFs and Microsoft Office files. A key component of the SonicWall Capture Cloud Platform, the SonicWall Capture Advanced Threat Protection (ATP) sandbox service, using RTDMI technology, identified more than 3,500 never-before-seen attack variants since January 1, 2018.
“Cybercriminals are executing with extreme agility to exploit any and all vulnerabilities in both technology and user behavior,” said SonicWall President and CEO Bill Conner. “Memory regions are the next key battlegrounds where organizations will combat cybercriminals. If left unmitigated, they’ll leave a key attack vector vulnerable to new waves of modern cyberattacks.”
First announced in February 2018, RTDMI technology is used by the SonicWall Capture Cloud Platform to identify and mitigate even the most insidious cyber threats, including memory-based attacks. RTDMI proactively detects and blocks unknown mass-market malware — including malicious PDFs and attacks leveraging Microsoft Office documents — via deep memory inspection in real time.
“Attacks are leveraging sophisticated and proprietary encryption techniques to mask their attacks within memory,” said SonicWall CTO John Gmuender. “For this reason, organizations need to be proactive in identifying and mitigating attacks where weaponry only is exposed for up to 100 nanoseconds. More and more malware, ransomware and other advanced attacks will be delivered via this vector in the coming months and years.”
The 2018 SonicWall Cyber Threat Report advises that cybercriminals will continue to leverage users’ trust in PDFs and Microsoft Office applications (which represented five of the top 10 attacked applications of 2017). Because of obfuscation techniques, many legacy firewalls and anti-virus solutions are unable to effectively identify and mitigate PDFs or Microsoft Office file types that contain malicious content.