That’s right, a CryptoLocker Stopper.
Is there really such a thing?
It appears so, at least for some forms of the beast. This amazing bit of technology has been around for a while. But at price point that was more Fortune 500 than SME. Now WatchGuard (they’re a firewall manufacture) has made APT Blocker (Advanced Persistent Threat Blocker) technology affordable.
How does it work?
As emails pass through the firewall it scans for attachments with dangerous code in them. If the code is known to be dangerous, it blocks it. If it’s suspicious or unknown, it sends the email to a sandbox in the cloud. In the sandbox the attachment is opened and its activity scanned for CryptoLocker type activity.
In the real world it works like this: criminals embed code in a Microsoft Word document and send it to you. The WatchGuard scans the document and finds the hidden code. The document is sent off to WatchGuard cloud. An automated process opens the word document in secure containment. The system monitors what the document does and detects whether it is trying to secretly download code from the internet. If it’s found to be a CyrptoLocker, the document is blocked.
Does it slow down email?
We have not seen noticeable delays in mail delivery.
What do I need for this protection?
You need a WatchGuard Firewall, plus the Security add-ons. Features like APT Blocker have an annual cost which will vary from model to model. Along with the APT Blocker you also get a number of other security enhancements designed to further protect your network. This assumes that your email server is behind the firewall.
Doesn’t my firewall already protect me?
Someone at the border can have a valid passport and documents that show they are visiting friends in the USA. They can look and behave just like the thousands of other legitimate travelers. but they might have a secret agenda. APT Blocker looks to unravel that agenda.
How do I get APT Blocker?
If you have a recent model of WatchGuard this may be a software license upgrade and labour cost to deploy. Older WatchGuard’s may need upgrading. If you don’t have a WatchGuard, we can ascertain if there is value in changing to one.