Protect yourself against stealth cyber-attacks


  • TECH
  • Wednesday, 07 May 2014

IT has always been a game of cat and mouse: as IT security experts find new ways to protect their networks, hackers find new ways to breach them.

Today’s cyber criminals are using craftier methods such as APT (Advanced Persistent Threat) to access sensitive information without being detected.

“Your typical cyber attack is like a burglar breaking and entering your home but when a criminal uses APT, it is akin to a spy entering your home and going through your stuff without leaving a trace,” said Corey Nachreiner, director of security strategy and research for Watchguard Technologies.

“The Stuxnet virus that ruined Iran’s nuclear centrifuges in 2010 was a milestone event as it was the first time APT was used. This included sophisticated techniques like zero-day exploits, spear phishing and chain-of-trust attacks.”

After the attack, even “common” malware strains have taken advantage of tactics used by Stuxnet.

“For example, Zeus, a Trojan type of malware, copies Stuxnet’s zero-day exploits and uses stolen certificates to pass off as legitimate software,” said Nachreiner.

“Traditional anti-malware software is not enough because nearly 88% of modern malware morphs to evade signature-based antivirus solutions,” he claimed.

That is why Watchguard has announced APT Blocker to defend against such attacks. The solution offers real-time threat visibility and protection and uses the power of the Cloud to verify whether a suspicious file is dangerous.

When APT Blocker finds a file suspicious, it sends the file to a Cloud-based sandbox, a protected environment that simulates a victim’s system and analyses the malware’s behaviour.

“Watchdog’s detection capabilities extend beyond known malware patterns to include new and constantly evolving signatures,” Nachreiner said.

“APT Blocker is not deceived by evasion tactics used by APTs, as it can monitor their behaviour and what happens at the CPU level.”

But blocking APTs is only half the battle, as network and IT security personnel also need to stay alert to new threats.

They are usually inundated with too much data, which prevents them from doing their jobs, Nachreiner claimed.

“Due to this they are unable to make proper policy decisions which could result in poor Internet security defences.”

To help keep their heads above water, the company has released Dimension, a Cloud-ready network security solution that provides data visibility and reporting tools to isolate security issues.

Nachreiner said the solution would allow them to review massive amounts of data and filter traffic to look for critical information.

“It also offers a threat map that lets the IT manager see where the threats are coming from and within a few clicks they can block them to protect the network.”

“Even in the current security landscape, I have a strong feeling that the good guys have a slight technological advantage over the bad guys this year but that is not to say that we can let our guards down,” said Nachreiner.
