Kaspersky Lab introduces new tracking services against hackers
Kaspersky Lab has added two new services to its Kaspersky
Threat Intelligence threat reporting system - Kaspersky Digital Footprint
Intelligence and APT C&C Tracking services, Trend reports citing the
company.
The Kaspersky Digital Footprint Intelligence service is
intended for heads of information security departments, employees of Security
Operations Centers (SOC) and Community Emergency Response Team (CERT) and shall
help them to see the company through the eyes of a hacker, identify possible
attack vectors and vulnerabilities, reveal what hackers may know about
corporate infrastructure and employees. This information will provide an
opportunity to build a more effective cyber security strategy that will take
into account existing risks and allow timely take the necessary measures to
respond to cyber threats.
According to a study conducted by Kaspersky Lab, 64 percent
of information security managers believe that the speed and quality of incident
response are the main metrics for measuring the performance of security
personnel. During the study conducted in 2019 by the 451 Research agency
specifically for Kaspersky Lab, 305 directors of information security around
the world were interviewed.
However, experts cannot always track all the risks and
respond in time, as far as corporate resources and data are in the public
domain. The Kaspersky Digital Footprint Intelligence service allows analyzing
threats aimed at a specific organization, finding out what information is
already available to hackers and checking if the infrastructure is compromised.
Using this data, it is possible to get a complete picture of
the current attacks and identify potentially vulnerable components, such as
remote control services as well as accidentally opened and incorrectly
configured services and network devices. Passive analysis of network resources
allows conducting an overall risk assessment for a number of parameters,
including metrics of Common Vulnerability Scoring System (CVSS), the presence
of public exploits and others.
In addition, the service allows searching for leaks of
confidential data, as well as for information about compromised corporate
resources and planned attacks on public and underground forums, social
networks, instant messengers, chats and communities. Malicious activity
directed not only at the customer, but also at his clients, partners and
suppliers, can be tracked using Kaspersky Digital Footprint Intelligence. Via
this service, access to reviews of malware and Advanced Persistent Threats
(APT) attacks in the region and industry can also be gained.
Another new service, the APT C&C Tracking Service,
provides information on the IP addresses of the infrastructure used to
implement APT attacks. This data allows taking measures both to detect and
repel existing malicious actions and to prevent new ones. The service includes
data collected by experts from the GReAT team, which monitors and reveals APT
campaigns around the world, and operates in a daily update mode. Clients see
not only the IP addresses itself, but also which APT group uses them and obtain
information about when activity from this address was recorded for the very
first and very last time.
New services are available on the Kaspersky Threat
Intelligence portal, a single entry point into the global threat reporting
system, and can be integrated with third-party task management systems and
security solutions.
"The theft of databases and the leakage of trade
secrets as a result of a targeted attack can negatively affect the company's
reputation and lead to financial losses. We have expanded the pool of services
that allow our customers to keep abreast of all the cyber threats relevant to
them and take timely measures to combat APT campaigns," Kaspersky Lab’s
Official Representative in Azerbaijan Mushvig Mammadov said.
Comments
Post a Comment