The Ultimate Guide to Credit Cards
Thursday, September 24, 2020

Avoid Zero-Day Attacks: Check Point® Software Prevents Security Threats Before They Become Exploited Vulnerabilities

By: Ashley Dull
Posted: October 11, 2018


In a Nutshell: With millions of cyberattacks aimed at retailers every day, simply detecting malicious software is no longer enough to protect a network. Check Point Software Technologies is aware that more needs to be done, which is why it focuses on threat prevention at every access point. The company blocks zero-day attacks — in which a company has no time to react — at the source through its robust software. Check Point can also detect malware on mobile devices and thwart attacks from within a shared or dedicated cloud. Prevention goes down to the workstation level as Check Point helps ensure employees can’t open attachments filled with malicious code. Dedicated to staying ahead of threats, Check Point is committed to finding and closing company vulnerabilities.

As one of the world’s leaders in mobile technology, Samsung is always researching and developing the next iteration of its groundbreaking products — such as its line of Galaxy phones and tablets. Samsung Research America (SRA), located in Silicon Valley, is a driver of that innovation and creates software that focuses on the future of the user experience.

Protecting the sensitive information and intellectual property that the team at SRA works with every day is critical, and it needed a security partner that could thwart any malicious attack on their network down to an individual mobile device. Samsung chose Check Point Software Technologies, which provided its advanced Mobile Threat Prevention platform.

Check Point is in the business of preventing breaches for clients like SRA because of all of the sensitive data that is continuously flowing in and out of their networks. Whether it is a technology giant like Samsung or a retailer with a vast amount of customer data, Check Point gives its clients peace of mind.

“The primary value we provide customers is the protection of their networks and critical assets,” said Jason Min, Head of Business and Corporate Development, Check Point. “With retail companies, that can be all of their user information — names, addresses, Social Security numbers, and credit card information.”

Check Point takes a preventative approach to security instead of a reactive one. Its software and technology actively seek out threats to neutralize them before they become problems. With the proliferation of zero-day attacks — which are attacks on vulnerabilities that a retailer is not even aware of — a proactive security partner is now a necessity.

An alarming number of attacks are being mounted against businesses around the world every day, so it is not a matter of if an attack will happen, but, rather, when. By helping companies prevent workstation, cloud, and mobile device threats from entering a network, Check Point has become a trusted provider for 85% of the world’s Fortune 500 companies.

Mobile Threat Prevention Locks Out Risks From a Network

Retailers are among the largest employers in the world, and with that many employees come risks that require management. One big concern is the use of mobile devices that are connected to a company’s network.

Those connections can open businesses up to vulnerabilities, as an attack on a single mobile device can lead to an infiltration of the entire system. Check Point focuses on preventing these types of breaches at the source, and it has developed the Mobile Threat Prevention platform to lock malicious code out of a network.

“Employees are downloading infected applications on their mobile phones, which can allow credentials to be stolen, and data to be exported from the device,” Jason said. “Mobile Threat Prevention finds zero-day threats on a mobile device — and in applications — preventing them from installing on the phone.”

From a single dashboard, the business can see every device that is linked to its network — and which ones may have been compromised. If a mobile device is suspected of being breached, it is blocked from accessing the network.

Mobile Threat Prevention is also uniform no matter what network a user is on — corporate, Wi-Fi, or cellular. Employees in today’s workforce are increasingly mobile, which means they are also vulnerable to new types of attacks — even though they might not be aware of the risk.

But mobile is far from the only point of entry for potential hackers; many come at the workstation or operating-system level, which Check Point protects with the same rigor.

Examining Threats at OS and CPU Level to Thwart Malware

As many retailers already know, something as simple as an employee downloading the wrong email attachment can bring a network down. Check Point knows that weaponized documents are a favorite way for attackers to target business databases, which is why it created SandBlast Zero-Day Protection to eliminate these threats.

Some retailers’ systems use sandboxing, which tests files in a safe environment outside the CPU so that, if malicious files are detected, they can be removed without ever harming a computer or network. But Check Point has seen a rise in sophisticated programs that are meant to lie dormant during the sandbox phase and execute once they get to a user.

SandBlast can detect malicious actions at any point of their journey and eliminate them as they start running. This technique allows business to continue while threats are being neutralized, instead of information being subject to delays as it is inspected.

“There are thousands of new threats being created every day, and it is important to be able to identify these as soon as possible,” said Jason. “SandBlast prevents all forms of those modifications and new threats that are emerging.”

Cyber attackers keep evolving their techniques because of the value of the data being stolen. And those attacks don’t have to be aimed directly at a retailer’s network; they can target virtual datacenters where the information of many businesses lives.

Check Point vSEC Protects Private Clouds From the Inside Out

When a retailer leverages a datacenter — especially one where multiple companies store data — it can be vulnerable to an attack from within. Firewalls are often set up at a cloud’s entry point, but from what Check Point has seen, one point of security is not enough to stop the ever-evolving nature of attacks.

“The Cloud is an important piece of the network that has to be protected,” Jason told us. “Multiple companies can be leveraging it through IaaS (Infrastructure as a Service), and that also creates a single point of failure where if one part of their cloud goes down, it affects thousands of customers. It can also be the ultimate target for hackers because it is much cheaper for them to attack many different businesses.”

Check Point’s answer to this is vSEC, which inspects and protects data being transmitted within a cloud, whether private or used in an IaaS environment. This gives businesses the ability to secure their own data in any cloud by preventing attacks from within, or east-to-west traffic, as Check Point calls it.

Large retailers with dedicated datacenters and connections can be particularly vulnerable as data can be connected to all of their locations. With vSEC, they can prevent malicious attacks between all of these locations by stopping them at the source.

“If a retailer has 1,000 branches, there will be a regional or corporate datacenter that those branches connect to — sort of a hub-and-spoke model,” Jason said.

Check Point has gateways at both the hub and the spokes to detect, eliminate, and prevent malware from compromising the sensitive information being transmitted and stored.

“We protect retailers at the corporate level — that is largely where credit card information from the branches is stored,” Jason told us. “For the spokes, we also have our smaller gateways to inspect traffic at the branch level — that incorporates the POS system. We examine encrypted info going back to the network for malicious data and stop it at the point of attack.”

Vigilance is a fundamental element in preventing threats, but Check Point goes even further by actively seeking out vulnerabilities that hackers will try to exploit in the future.

Safeguarding Vulnerabilities Retailers Don’t Even Know Exist

Samsung Research America chose Check Point not only because of its ability to neutralize today’s threats, but also for its focus on the threats of tomorrow. Check Point has an entire branch that is devoted to vulnerability research, and the company tries to penetrate different applications or websites, find breaches, and alert companies of its findings.

Zero-day attacks are, by nature, unexpected, but Check Point can find where they will take place and safeguard those access points. Jason has seen first-hand how effective network consolidation can decrease penetration and increase the time a business has to focus on more important aspects.

“Retailers are focused on selling products and developing strategies; they don’t want to be worried about breaches,” he said. “We consolidate the network, the security posture, and provide the best protection — that really resonates.”

Check Point’s ability to keep threats away from a retailer’s network provides peace of mind and allows a business owner to invest more energy into making their operation more successful. Preventing attacks can be equal parts vigilance and thinking ahead — and Check Point is a security solution that excels at both.