BSN INET uses the strength 
of the sandbox to reduce
targeted cyberattacks

Overview

Established by the Broadcasting System of Niigata (BSN) in 1966 to facilitate the use of computing technology for an expanding local region, BSN INET Co., Ltd. began as a representative IT company for the prefecture of Niigata, one of 47 such regions in Japan.

In 1985, BSN INET was awarded the Minister of Posts and Telecommunications Award for its contributions in promoting computerization. In 2007, the company launched iNET IMAGE BANK, a cloud service within its data center business, to extend its customer base beyond the prefecture of Niigata. Today, the company provides a wide range of IT services—from applications and packages to system integration, data centers, and outsourcing—to the entire country.

“Our strength is our face-to-face services,” said Motohiko Sakata, manager of BSN INET. “Our cloud services are delivered securely and reliably to our customers because of the total transparency in the technologies, operational processes, and security countermeasures we employ.”

Challenges

To maintain customer trust through the transparency of technologies and countermeasures, BSN INET first introduced new products and technologies to its own IT environment as much as possible—to see how well these measures might solve customers’ problems.

BSN INET determined that targeted cyberattacks are a major issue for both the company and its customers. “Since targeted attacks are prevalent in Japan, we felt that we needed to strengthen our own measures against them,” recalled Sakata. “On top of that, we had requests for cyberattack solutions from customers, so we started to review our own internal security measures.”

"As the number of cyber threats against both our company and our customers grows, a pressing issue for us was to strengthen countermeasures against targeted email attacks. Deep Discovery Email Inspector (DDEI) has helped us considerably in solving this issue."

Motohiko Sakata,
Manager,
Cloud Business Datacenter Division,
BSN INET Co., Ltd. 

With newly defined cyber security countermeasures applied to security solutions at points of entry, in command and control (C&C) communications, and in lateral movements, BSN INET focused on one particular area. Points of entry saw the most intrusions through targeted emails, which was the most pressing issue for both the company’s own IT environment and its customers. To solve the problem, BSN INET implemented Trend Micro’s Deep Discovery™ Email Inspector (DDEI).

Solution

In the past, BSN INET had used unified threat management (UTM) products for threat intrusion detection and Trend Micro’s antivirus software (Trend Micro OfficeScan™ Corporate Edition) to remove any detected threats. The company added sandbox-based threat analysis of emails (with attached files) to fortify protection against targeted email attacks. Before settling on DDEI, BSN INET considered other targeted email attack prevention products, but chose DDEI after weighing all the options.

In speaking on what led the company to that final decision, BSN INET’s Kenta Ichikawa said, “Trend Micro’s sandbox can be customized based on IT environments, such as the operating systems we use in our company. Trend Micro also supports common business practices in Japan, such as sending password-protected compressed files and passwords in a separate email. With features like these, we felt confident going with Trend Micro not only for our own use, but for our customers as well.”

BSN INET implemented DDEI in October 2015, and now has all emails monitored, suspicious emails analyzed in a sandbox environment, and the system administrator notified if necessary. “So far during our testing,” said Ichikawa in November 2015, “we are satisfied with the detection capabilities of DDEI and its behavior when suspicious activity is detected.” He added, “Moving forward, we want to discern the effectiveness of DDEI as soon as possible, and eventually utilize it to automatically quarantine targeted emails that are detected.”

BSN INET is also using the sandbox feature of Trend Micro’s cloud security service—Trend Micro™ Cloud App Security™ (CAS)—for its employees who use Microsoft Office 365 cloud services for file sharing when they are outside of the office.

Results

With only a couple of months having passed since BSN INET started to operate DDEI/CAS (implementation was early October 2015; this success story was written in late November 2015), the company is already experiencing positive effects.

BSN INET Manager Sakata stated, “We have already detected several malicious files through CAS. What’s more, as DDEI/CAS visualizes threats, we have been able to gather data to help our future security measure, which has great importance to us.”

Sakata also discussed the benefit of receiving multiple solutions from a single vendor. “Establishing multiple protection layers only through Trend Micro products has unified our security operation at the help desk, as well as our administration console via Trend Micro Control Manager,” he stated. “Even if we incorporate any new technologies or products later on, this should help prevent an increase in workload and alleviate any resistance to new changes and solutions on the operations side.”

BSN INET is also planning to use InterScan Web Security Virtual Appliance™ to improve countermeasures for C&C communications, in addition to point-of-entry security with DDEI. Also, the company is considering introducing Deep Discovery™ Inspector to visualize its internal networks.

"It is very hard to find any other solutions suitable for the Japanese business environment that can be as flexible and customizable as DDEI’s sandboxes. Based on our experience, we feel confident in recommending DDEI to our customers"

Kenta Ichikawa,
Cloud Business Datacenter Division,
BSN INET Co., Ltd.

In explaining the reason for this potential addition, Sakata stated, “As companies and organizations in Japan continue to be threatened by targeted cyberattacks, the recent enforcement of the My Number (social security and tax number) system has led local municipalities, medical institutions, and many more of our customers to require upgrading of security measures as soon as possible.” He added, “We will continue our close partnership with Trend Micro to protect the safety and security of both ourselves and our customers.”