01.28.2010 – Waltham, Mass. – Application Whitelisting industry leader Bit9 announced today that Application Whitelisting is being used to prevent the current Internet Explorer (IE) zero-day attacks.
The recent attacks (also called the Hydraq Trojan or Operation Aurora) are sophisticated and organized cyber attacks that seek to access and steal information from compromised computers. Bit9 Application Whitelisting provides out-of-the-box protection against these attacks. Rather than scrambling to react to the latest announced vulnerability, IT administrators using Bit9 Parity™ handled the Microsoft IE attacks in the same way any other piece of unauthorized software is handled: it was automatically stopped. Any malicious Trojan or payload, which is new and by definition not on the company’s defined “whitelist” of approved applications, will not execute.
According to Gartner, application whitelisting should be considered “foundational in our strategy to protect endpoints.”
“Application whitelisting solutions at the endpoint provide exceptional protection from zero day and targeted attacks,” wrote Neil MacDonald, VP and Distinguished analyst at Gartner.*
“In the past few weeks we’ve seen large corporations scrambling to take reactive measures to protect themselves against the IE zero-day vulnerability and attacks. But for Bit9 customers, it has been business as usual,” said Harry Sverdlove, chief technology officer, Bit9. “From the outset, we recognized the Microsoft IE vulnerability for what it was – another zero-day attack that has become more common as the industry faces more of these Advanced Persistent Threats. No matter how deftly it eluded some security detection systems, it couldn’t get around the simple logic employed by Bit9’s Whitelisting technology.”
About the Zero-day Internet Explorer (IE) Vulnerability
Operation Aurora (also called Hydraq and the Microsoft IE Vulnerability) is a targeted malware attack against at least 30 major companies—including Google, Adobe, Rackspace, Juniper Networks—which exploited a zero-day flaw in Internet Explorer. The exploit allowed malware – a Trojan – to load onto users’ computers. Once loaded, the malware could take control of the computer to steal corporate intellectual property. The Trojan attempts to make contact with command and control servers in order to receive instructions and to upload any information that it may have collected. This type of attack is often called an advanced persistent threat because of the sophistication and persistence of the attack within a business.
The attack was aimed at dozens of other organizations and according to media reports Yahoo, Symantec, Northrop Grumman, Dow Chemical and Gipson Hoffman & Pancione were also among the targets.
For more information, join us for a free webcast to learn how Bit9 Application Whitelisting can protect you against this attack and the next variant waiting to happen. Please register here, or go to: http://bit.ly/9au6eu.
About Bit9, Inc.
Bit9 is the pioneer and leader in Enterprise Application Whitelisting. The company’s award-winning solutions provide total visibility and control over all software on Windows computers, eliminating the risk caused by malicious, illegal and unauthorized software.
Bit9 leverages the Bit9 Global Software Registry™ – the world’s largest database of software intelligence – to identify and classify software, delivering the highest levels of endpoint security, compliance, and manageability. Bit9’s global customers include companies in a wide variety of industries, such as government, financial services, retail, healthcare, e-commerce and education.
In the current Application Whitelisting competitive product review, InfoWorld awarded Bit9 Parity with the highest score ever given and named the Bit9 the top Application Whitelisting vendor in the industry.
Bit9 was awarded a prestigious $2M United States federal research grant in 2003 from the National Institute of Standards and Technology-Advanced Technology Program (NIST ATP) to conduct the research that is now at the core of our application whitelisting solutions. Bit9 is privately held and based in Waltham, Massachusetts. For more information, visit http://www.bit9.com or call +1 617.393.7400.
*Another Lesson from the IE Zero Day Attacks on Google: The Power of Whitelisting, by Neil MacDonald, Vice President and Distinguished Analyst, Gartner.