Kaspersky Lab's Automatic Exploit Prevention technology detected and blocked 4.2 million attacks via Java exploits between September 2012 and August 2013, protecting 2.25 million users of Kaspersky Lab solutions. This data comes from the ‘Java under attack – the evolution of exploits in 2012-2013’ research conducted by the company.
Cybercriminals use exploits (a special type of malicious program which utilises vulnerabilities in legitimate software) to secretly download malware which steals users’ personal data and money. Some exploits help bypass antivirus protection, which makes this type of malware even more popular for cyber-attacks.
Automatic Exploit Prevention is a technology which Kaspersky Lab developed in-house to detect and block exploits as soon as they attempt to use software vulnerabilities. The technology analyses the behaviour of legitimate software components - if there is any unusual activity which might indicate an exploit is at work, the protection system is activated and the threat is blocked.
"The main challenge faced by today’s antivirus industry is the need to combat new and unknown threats including attacks via exploits. Automatic Exploit Prevention is our response to this challenge. The efficiency of the technology proves that we have chosen the right approach to protect against sophisticated cyber-attacks," said Nikolay Grebennikov, Kaspersky Lab’s chief technology officer.
Automatic Exploit Prevention technology is integrated into Kaspersky Lab’s Kaspersky Anti-Virus and Kaspersky Internet Security protection solutions for home users as well as in Kaspersky Endpoint Security for Business, the company’s security solution for corporate IT infrastructure.
Other findings of the report
According to the same study, Kaspersky Lab products blocked an overall total of 14.1 million attacks involving Java exploits between September 2012 and August 2013, a third more than in the same period in 2011-2012.
The research also showed that over 50 per cent of attacks were performed with the help of only six Java-exploit families and the majority of victims (about 80 per cent) live in the USA, Russia, Germany and seven other countries.
The research was based on data received from users of Kaspersky Lab products who had agreed to send the information to the Kaspersky Security Network cloud service.