Symantec’s April 2015 Volume 20 Internet Security Threat Report contains over 100 pages of interesting facts and research regarding Internet and information security.
One of the infographics contains data similar to what was reported by Verizon and was discussed here previously. The data pertains to the likelihood and prevalence of attacks by industry.
Symantec’s research corroborates Verizon’s findings that the manufacturing sector is amongst the most highly targeted (in this case, specifically by spear phishing attacks).
Source: Symantec April 2015 Volume 20 Internet Security Threat Report
Mining Industry a Likely Target for Illicit Data Mining!
It is interesting to note that if your organization falls in the mining space you were more likely than any other industry to have been targeted by a spear phishing attack. This seems an outsized risk for a somewhat low tech industry considering that, according to the Verizon data, “secrets” were the most commonly mined corporate information. More obvious targets would have been technology companies or perhaps pharmaceutical or financial companies.
One thing is certain, spear phishing and other types of corporate hacking are happening every day across a wide variety of industries. At Konsultek, we specialize in developing custom security solutions that work for organizations both large and small. To learn more about the potential vulnerabilities of your organization and what you can do to protect your intellectual property and trade secrets please pick up the phone and call (847)426-9355 to begin a dialogue.
In what is becoming a seemingly common theme, FireEye and their consulting arm Mandiant (acquired in 2014) are at the center of uncovering another high profile data breach. This time the victim is CareFirst BlueCross Blue Shield.
Earlier this year the dynamic duo of FireEye and Mandiant were brought in to assess the internal IT systems at CareFirst. On April 21st, as reported by securityaffairs.co they had “discovered evidence of unauthorized accesses to the database on June 19, 2014.”
Fortunately for CareFirst no evidence of additional attacks against the CareFirst systems was found.
FireEye the “Go To” Company for Breaches
As reported by USA Today, FireEye (FEYE) has been the “SWAT” team brought in to investigate high-profile attacks against Target, JP Morgan Chase, Sony Pictures, Anthem and others over the past two years. “Often times they ask us to be side-by-side with them when they announce their breach,” said FireEye CEO David DeWalt.
For those of you who don’t follow the players in the security industry as closely as we do, Mr. DeWalt was the CEO of McAfee when in 2010 he orchestrated its sale to Intel for just under $8 Billion.
It would appear as though FireEye has gained the confidence of some of the largest and most high profile organizations in the world and we certainly believe that confidence is warranted. At Konsultek we have been weaving FireEye’s next generation of threat prevention into our custom solutions for over two years.
FireEye’s unique “sandbox” approach to threat prevention allows potential threats to be identified and addressed in the safety of a quarantined evaluation space so that your systems are never at risk.
FireEye’s approach to threat detection and prevention offers several advantages:
- Cloud based – potential threats are “detonated” in controlled virtual environments outside your network.
- Machine learning – as more threats are detected and dealt with the FireEye engine learns, applying collective intelligence to protect your system.
- Real time – since FireEye is cloud based “updates” happen in real time so your protective shield is always up to date.
- Centralized Management System – consolidates and simplifies all facets of FireEye’s protection into one simple to use interface.
Ready to learn more about how FireEye and Konsultek can help secure your network and data? Please, just give us a call at (847)426-9355, we’re always available to listen!
There’s been a lot of buzz about the increasing number of Advanced Persistent Threats (APTs) targeting enterprise networks. In response to the changing nature of cyberthreats, Infoblox has partnered with FireEye to combine their technologies and offer a powerful new defense, The Infoblox DNS Firewall – FireEye Adapter.
How it Works
The FireEye NX Series automatically tests suspicious executable files in a virtual environment. This virtual environment allows the behavior to be observed in a safe, isolated location so that malicious activity can be identified before being launched into an enterprise’s network.
To catch malware besides APTs, Infoblox DNS Firewall uses a subscriptions service to stay constantly updated on threats and malware. By leveraging the Domain Name System (DNS) to block communication to known malicious destinations, the firewall prevents communication between an infected device and the host, thus preventing communication or transmission of stolen data.
Detect, Disrupt, Pinpoint
According to Infoblox the system has three key features.
1. Detect APTs via FireEye technology
2. Disrupt malware callbacks via the Infoblox DNS Firewall – disconnecting malware from its host
3. Pinpoint infected devices quickly via the Infoblox DNS Firewall – reducing response time and speeding up remediation efforts
How Can I Protect Myself?
If you would like more information on either the new The Infoblox DNS Firewall – FireEye Adapter or assessing your network’s risk, just give us a call at 847-426-9355.