ZETA Shield follows another KIS 2014 debutante imported from our heavy-duty corporate products – Trusted Applications. ZETA also first appeared in our corporate solutions, where it’s more than proven its worth and has now been adapted for use in personal products. And as far as I know, it’s the world’s first use of such technology in personal products.
ZETA‘s work can be divided into two stages.
First comes the mechanical bit – the target needs to be taken to pieces. For instance a Word document might contain embedded items – other files, flash data, other documents, even an operating system distribution or a collection of viruses – anything at all! Our task is to identify the nature of all these items (and boy how they love to disguise themselves!) and classify them.
Then it gets more interesting… The heuristic analyzer kicks in – weighing up the contents, the layers of nesting, and the relationships among all these items, evaluating their similarity to templates of threats detected earlier, detecting anomalies, and taking a decision about how dangerous a given file is (whether or not it’s a binary weapon).
First of all, one important point:
There’s a common view that targeted attacks are always aimed at governments, defense organizations, critical infrastructure installations or politicians, while if aimed at commercial companies – then at least those the size of Microsoft. Also, it’s often thought that the mind-boggling complexity of such attacks is worthy of… immortalization by Hollywood
No. And no.
The reason for the first misconception can be explained by the fact that most of the media carry stories only about attacks at the highest level.
Read More
