March 11, 2020
Digital Arts Inc.
Latest Version of "i-FILTER®" Updated with New Feature to Guard Against More Prevalent Falsified Websites and Boost New Security Genre of Whitelist Usage
Also Works Against Harmful "Emotet" Malware Attacks and Attacks Aimed at Company's Cloud E-mail
Information security solution provider Digital Arts Inc. (headquartered in Chiyoda-ku, Tokyo, Japan; CEO: Toshio Dogu; hereinafter referred to as "Digital Arts"; Code 2326) will release version 10.40 of its web security product "i-FILTER" on March 12, 2020. The new version has strengthened measures to counteract targeted attack e-mails at the network entrance by adding a new function to block transmission of IDs and passwords (credentials) to falsified websites.
Recently increasing targeted attacks using falsified websites as entry points
With the Tokyo Olympics scheduled for this year (now postponed), cyber-attacks are on the rise in Japan, and the resulting damage is forecast to be severe.
Among these, attacks targeting specific companies and organizations are continually increasing, making measures to prevent information leaks an urgent priority no matter the size, scale or type of industry. In the "Top 10 Security Threats of 2020" 1 released by the Information-technology Promotion Agency (hereinafter referred to as IPA), the top threat to information security at companies and organizations has been "Information theft via targeted attacks" for five years in a row since 2016.
In this situation, our company's "i-FILTER" Version 10 makes use of a whitelist to block access to potentially harmful unknown URLs that aim to exploit informational assets, and also uses a download filter function to block downloads of malware. This combination offers a strong line of defense against targeted attacks.
However, nowadays there are many cases where an attacker steals ID and password authentication information (credentials) by leading his targets to access files attached to e-mails and falsified websites linked from URLs, or where another causes a malware infection that infiltrates the company's network to exploit information. It is known that many of the "Emotet" 2 malware cases that have been circulating since late last year have used the same tricks. These falsified websites not only have an appearance difficult to distinguish from legitimate websites, but also the same URLs as the legitimate counterparts, posing a difficult challenge for security products.
Offering more robust security measures against attacks targeting credentials through falsified websites
To defend against this new technique, Digital Arts will offer "i-FILTER" Version 10.40 with a new feature to guard against falsified websites. These websites function as entry points for targeted attack e-mails. Version 10.40 makes use of Digital Arts' proprietary technology to ensure that users' IDs and passwords are not sent to the falsified web sites that users have a difficult time distinguishing, even if the users input these credentials. In this way, it prevents attackers from invading the network, making it possible to block the leakage of informational assets from the entrance. Also, if users attempt to download malware this is blocked thanks to the "download filter function" featured in previous versions with its settings now more aligned with real-world use.
Support for increased security while working from home due to COVID-19
With the recent increase in working from home due to the outbreak of COVID-19, more devices are set to be taken home by workers. Following from this, an increasing amount of informational assets are forecast to be transferred to cloud services through VDI and secure browsers. Falsified sites make use of these cloud service login pages, and cases can be seen where phishing scams target and attempt to leak companies' informational assets through these falsified pages.
"i-FILTER" Version 10.40 has new features that block unknown attacks and use a whitelist designed to guard against the falsified sites, which are increasingly more of a threat. These features add to a more robust security product and a safer work environment.
- 1 The IPA selects candidates from information security cases that emerged in 2019 and were thought to have had a major effect on society that year. These are selected by 140 members, including researchers in the information security field and those in charge at the actual companies, who hold a meeting to deliberate, vote on and rank the top 10 threats.
- 2 Emotet" is malware that was first observed in 2014, and has evolved many times. Digital Arts confirmed a case of infection in September of 2019 in which it was downloaded from a falsified website. In this case it used clever tricks to disguise itself, such as using the receiver's name, e-mail address and body text of previously transmitted e-mails. Since late last year the amount of damage has been increasing.
Web security product "i-FILTER" Version 10 guards against unknown threats
This is a web security product to safeguard against both external attacks including targeted attacks, and information leaks from internal sources.
"i-FILTER" Version 10.40 new features and feature improvements
The following features and improvements have been included to guard against the recently often seen trick of falsified websites purporting to be legitimate websites.
New features to block sending of IDs, passwords, etc. to falsified websites, "Credential Protection"
Digital Arts proprietary technology works so that for falsified websites that are normally difficult to distinguish, blocking attempts by users to send IDs or passwords to the site, thereby shutting down the entrance to fully prevent entry to the network.
For URLs that cannot be confirmed as being safe, even with an outward appearance that resembles a legitimate website and with the same URL, transmission is detected and blocked.
"Download Filter" set as default to block the download of high-risk files by detecting cleverly disguised filename extensions
The "Download Filter" feature on older versions of "i-FILTER" has had its default settings aligned more with real-world use, so as to not interfere with general work, only blocking files that have file extensions with high risk of malware infection, thereby protecting users from the latest threats.
Threat from falsified sites recently on the rise
53,894 attempts (10,358 attempts in December alone) at accessing falsified sites were observed in all of 2019 among customers who currently use Digital Arts' web security product "i-FILTER" Version 10.
Digital Arts will continue to offer safety and peace of mind to internet society, and work to increase the level of satisfaction in all of our products. We aim to develop and offer solutions more quickly and on a wider scale for various informational assets such as web, e-mail and files, with an eye on solutions to prevent and handle the ever-increasing threat of targeted attack e-mails from outside and information leaks from inside.
- About "i-FILTER"
"i-FILTER" is a proxy type internet security software that, in a single product, combines countermeasures against external targeted attacks with countermeasures against information leakage from within the organization. It has become number one in the sales share of internet filtering software by a vendor in Japan (issued by ITR Inc. "ITR Market View: Cyber Security Measures Market 2020" URL Filtering Market: Individual Vendor Proceeds Share (2017-2018) (published February, 2020)). It boasts one of the industry's leading internet filtering databases, and blocks targeted attacks via non-registered URLs by treating them as malicious, to realize a safe internet environment. Furthermore, it blocks access to inappropriate sites during work hours, and using this database it is possible to prevent leakage of information via the internet by the use of web-based e-mail, writing in online bulletin boards, and others. When doing so, it can also record, confirm and save the content, making it an effective solution for internal control measures.
- About Digital Arts
Digital Arts Inc. is an information security manufacturer focused on developing security software for the web, e-mail and files.
Since the dawn of the internet era, we have been a pioneer in the industry, releasing the first web filtering software in 1998 to be produced in Japan which saw use around the world. With the knowledge we have built up since then, we offer cutting-edge information security products focused on information leaks and cyber attacks including targeted attack e-mails. Making full use of our advantages as a domestic manufacturer, we integrate our product planning, development, sales and support in Japan, and have Japan's largest web filtering database that acts as the underlying base for all of our products. Our technological knowhow has led us to hold patents in 27 countries and territories and to be well-regarded in the industry. Our extremely high level of customer satisfaction is evidenced by a 95% or more contract renewal rate. With web security software "i-FILTER" at the core, we offer "i-FILTER" for private and home use, e-mail security software "m-FILTER", and file encryption and tracing software "FinalCode" as part of our lineup for a one-stop web, e-mail and file security solution.
Our goal is to continue contributing to a more convenient, more comfortable and safer internet lifestyle. We want to continue to hold the trust of all our stakeholders as a company listed on the First Section of the Tokyo Stock Exchange as we grow moving forward.