Threat Advisors


Securing Virtual Machines and Desktops

Virtual Systems are not Immune to Cyber Threats
Virtualization of enterprise infrastructures, both servers and desktops, affords businesses compelling economies. Yet, securing hypervisor-managed virtual machines (VMs) and virtual desktop infrastructure (VDI) requires careful planning and a better understanding of today’s cyber threats. Virtual machines and desktops are not immune to malicious attack. In fact, in some instances, virtualization can make the enterprise more vulnerable.


Securing Endpoints for PCI DSS Compliance

Economic Espionage and Your Company’s Future
The theft of corporate intellectual property (IP) has received a lot of recent media attention. Some of the biggest headlines include a Wall Street Journal article on cyber threats written by the President,1 and statements from the director of the National Security Agency (NSA) that cyber espionage will produce the “greatest transfer of wealth in history.”2 The publicity is warranted: Cyber security breaches go largely undetected, and the economic impact of stolen trade secrets, source code, drug and chemical formulas, and product designs has become increasingly serious.


A Family Affair: Stopping Gauss

First Came Flame.  The past year has seen an increase in sophisticated attacks discovered in the Middle East targeted at specific corporations. We first saw this with the public announcement of Flame in May 2012, which was aimed at industrial or fixed systems; however, Bit9’s first encounter with Flame occurred much earlier than that. In October 2011, when what became known as Flame was just seen as an unknown file, the Bit9 Trust-based Security Platform blocked it and prevented it from executing.


Cyber Threats Target Intellectual Property

Economic Espionage and Your Company’s Future
The theft of corporate intellectual property (IP) has received a lot of recent media attention. Some of the biggest headlines include a Wall Street Journal article on cyber threats written by the President,1 and statements from the director of the National Security Agency (NSA) that cyber espionage will produce the “greatest transfer of wealth in history.”2 The publicity is warranted: Cyber security breaches go largely undetected, and the economic impact of stolen trade secrets, source code, drug and chemical formulas, and product designs has become increasingly serious.


Continuous Monitoring and Mitigation

Federal Continuous Monitoring: A Work in Progress
The Federal Information Security Management Act of 2010 (FISMA 2.0) changed the paradigm for evaluating the cyber security of federal organizations. Rather than annual reporting and accreditation on static criteria, security measurements shifted to risk-based, “continuous monitoring.”


Control Systems are Under Advanced Attack

Critical Infrastructure Control Systems are at Risk
Critical industrial and infrastructure control systems are facing increasingly sophisticated cyber attacks. Industry sectors, such as energy, utilities, transportation, water supply, communications, chemicals, and manufacturing, are vulnerable to complicated “digital weapons.” The consequences of compromised and sabotaged Industrial Control Systems (ICS), including supervisory control and data acquisition (SCADA) systems and the programmable logic controllers (PLC) they command, can lead to explosions, spills, and property damage, as well as the potential loss of life.


Law Firms are Facing Advanced Attacks

Valuable Client Information is at Risk. Law firms work with and manage highly sensitive corporate data that is increasingly valued by sophisticated cybercriminals. According to the American Bar Association (ABA), when seeking to obtain critical, protected information about corporations, attackers are frequently looking at that organization’s network of partners and suppliers—including their law firm—rather than attacking the corporation head on.1


Don’t Get Burned by Flame

What is Flame? Flame is the latest high profile cyber attack making the news. It has so far been detected in Middle East countries. Flame is more than simply a virus or worm – it is basically a cyber espionage toolkit, containing the most comprehensive set of sleuthing technologies in a single piece of malware. It can monitor and steal data from a computer’s microphone, screen, keyboard, Bluetooth, WiFi and network, among its known capabilities. It can propagate via USB or directly over a network. It can use several different types of data encryption and compression to store and then exfiltrate data to a controllable set of command-and-control servers.


Protecting Your Domain Controllers

Domain Controllers: The Target of Choice.  Bit9 has seen a 150 percent year-over-year increase in the number of attacks on domain controllers. Attackers, largely nation states and cyber criminals, are after corporate intellectual property (IP)—everything from chemical formulas and vaccines to military data and source code—all valuable competitive information. Rather than directly attacking the servers that house such information, advanced persistent attackers are targeting domain controllers so as to gain access to all information repositories and systems within the company.


Securing Protected Health Information

Protected Health Information is at Risk.  As the adoption and exchange of the Electronic Medical Record (EMR) escalates, so too have the regulations and challenges related to securing electronic Protected Health Information (ePHI). The potential access to ePHI has given rise to more advanced attacks by financially motivated cyber criminals. In fact, between September of 2009 and February of 2012, nearly 20 million Americans had the privacy of their ePHI breached.1