Kaspersky to detect targeted attacks

July 2016 Editor's Choice, Cyber Security

Businesses all over the world, including South Africa, have become victim to numerous targeted attacks, including those discovered by Kaspersky Lab (e.g. Equation, Red October, Careto, Flame, Turla, Epic Turla, Wild Neutron, Poseidon, Desert Falcons). According to the IT Security Risks Survey 2015, conducted by Kaspersky Lab and B2B International, 9% of organisations globally and 7% in South Africa said they have experienced a targeted attack in the last year.

“Kaspersky Lab has vast experience in threat intelligence and a long history of discovering some of the world’s most high-profile advanced persistent threats”, says Christian A. Christiansen, IDC program vice president, security products. “IDC’s Specialised Threat Analysis and Protection Market (STAP) quantifies the opportunity for countering advanced persistent threats and targeted attacks. IDC believes the market will grow to over $3 billion by 2019, with a 5-year CAGR of 28%. This high growth rate is driven by significant adoption of STAP products to address the growing need for advanced threat detection.”

Conventional protection technologies are very good at preventing generic threats and attacks from breaching the corporate perimeter. Although the number of such threats is still growing, businesses are becoming more concerned about targeted attacks and advanced cyber-weapons used for the purposes of cyber-espionage or the disruption of business activity. While these threats represent a tiny fraction (less than 1%) of the entire landscape, they present the highest risk to companies worldwide. What is even more important, the number of such attacks is growing steadily, and the price-per-attack is diminishing.

Solving the “one percent” problem requires advanced technology and proper security intelligence that has either been accumulated within the company or requested from a security vendor. The Kaspersky Anti Targeted Attack Platform is designed to identify and highlight unusual actions that constitute strong evidence of malicious intent.

The Kaspersky Anti Targeted Attack Platform is a premium solution based on the most advanced technology to date that draws on Kaspersky Lab’s expertise in the detection and analysis of the world’s most sophisticated threats.

Riaan Badenhorst, MD, Kaspersky Lab Africa.
Riaan Badenhorst, MD, Kaspersky Lab Africa.

“One of many challenges that businesses face nowadays is a requirement to overcome an array of cyber threats, including very advanced ones, for which they need knowledge of possible attack vectors, indicators of compromise, and the ability to distinguish normal operations from malicious activity. In order to win this battle, organisations need to have strong security expertise combined with technology that is capable of spotting a criminal act in the avalanche of daily activity in a large corporation. This challenge is being addressed with the Kaspersky Anti Targeted Attack Platform, together with the security services aimed at sharing security intelligence with our customers faster than ever before”, commented Riaan Badenhorst, MD, Kaspersky Lab Africa.

The Kaspersky Anti Targeted Attack Platform

The Kaspersky Anti Targeted Attack Platform analyses data collected from different points of the corporate IT infrastructure. The solution’s sensors are responsible for data acquisition over network traffic, web and e-mail as well as endpoints. This allows the solution to detect complex attacks at any stage, even when no malicious activity is taking place, like data exfiltration. Suspicious events are then processed via different engines, including an Advanced Sandbox and a Targeted Attack Analyser for a final verdict.

The Advanced Sandbox provides a safe, isolated and virtualised environment for analysing suspicious objects and detecting their intent. The Targeted Attack Analyzer utilises data processing and machine learning technologies to assess and combine verdicts from different analysis engines. This is where the final decision to alert the staff is made. Additional technologies that help to reduce false positive alerts include Kaspersky Lab’s own anti-malware engine to rule out generic attacks that can be blocked by traditional solutions, URL analysis, threat data feeds delivered from Kaspersky Lab’s cloud security network, an Intrusion Detection System and support for custom rules to detect specific activity in a corporate network.

The Kaspersky Anti Targeted Attack Platform is available as an independent solution or in combination with expert services aimed at rapid incident detection and response. The availability of intelligence services also enables customers to adapt the solution to specific business needs.

Learn more about Kaspersky Anti Targeted Attack Platform at its website: http://www.kaspersky.co.za/enterprise-security/anti-targeted-attacks

Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

Patient critical – healthcare’s cybersecurity pulse
August 2019, Wolfpack Information Risk , News, Cyber Security, Healthcare (Industry)
The healthcare industry has become one of the leading cybersecurity attack vectors worldwide for several reasons.

Keeping our changing environment secure
August 2019 , Editor's Choice, Security Services & Risk Management
For a crime to take place there needs to be a victim and a criminal who sees an opportunity. For a cybercrime to take place we need the same set of circumstances.

Augmented security with drones
August 2019, Drone Guards , Editor's Choice, Integrated Solutions
Drone Guards is moving into an untapped market of using drones to secure residential estates and other high-value assets such as mines, farms and commercial properties.

The importance of real security risk assessments
August 2019, Sentinel Risk Management , Editor's Choice, Security Services & Risk Management, Residential Estate (Industry)
Andy Lawler, MD, Sentinel Risk Management, says a security risk assessment is an onerous task, but is not something estates can consider optional or a luxury item anymore.

Risk assessment or product placement?
August 2019, Technews Publishing, Alwinco, SMC - Security Management Consultants , Editor's Choice, Security Services & Risk Management, Residential Estate (Industry)
Hi-tech security solutions asked a couple of experts to provide estate managers and security managers with some insights into what a ‘real’ risk assessment includes.

How far are we really at with artificial intelligence?
August 2019, Axis Communications SA , Editor's Choice, CCTV, Surveillance & Remote Monitoring, IT infrastructure, Residential Estate (Industry)
Justin Ludik unpacks exactly how far AI has come and what it potentially can do for society and more importantly, surveillance.

The importance of effective perimeter security
August 2019, Elf Rentals - Electronic Security Solutions, Stafix , Editor's Choice, CCTV, Surveillance & Remote Monitoring, Residential Estate (Industry)
Protecting the perimeter is critical for any residential estate; how does one go about making sure your perimeter is as secure as possible?

The hidden claws of proof of concept
August 2019 , Editor's Choice, Integrated Solutions
Proof of concept is a proven methodology for testing new technologies, but it isn’t perfect, and it can be more of a hindrance than a help.

Inundated with cyberattacks from all directions
August 2019 , Editor's Choice, Cyber Security, Security Services & Risk Management
IT managers are inundated with cyberattacks coming from all directions and are struggling to keep up due to a lack of security expertise, budget and up-to-date technology.

Cyber tools and solutions
August 2019, Technews Publishing , Editor's Choice, Cyber Security, IT infrastructure, Residential Estate (Industry)
Hi-Tech Security Solutions looks at the various options we have when it comes to protecting yourself from the ever-growing scourge of cybercrime?