Categories

Editor's Choice
Tech Jobs Network
News & Events
Access Control & Identity Management
AI & Data Analytics
Asset Management
Associations
Conferences & Events
Facilities & Building Management
Fire & Safety
Information Security
Infrastructure
Integrated Solutions
IoT & Automation
Perimeter Security, Alarms & Intruder Detection
Power Management
Products & Solutions
Security Services & Risk Management
Smart Home Automation 
Surveillance
Training & Education
Videos
Security by Industry Sector ▾








Print this page printer friendly version

Kaspersky to detect targeted attacks

July 2016 Editor's Choice, Information Security

Businesses all over the world, including South Africa, have become victim to numerous targeted attacks, including those discovered by Kaspersky Lab (e.g. Equation, Red October, Careto, Flame, Turla, Epic Turla, Wild Neutron, Poseidon, Desert Falcons). According to the IT Security Risks Survey 2015, conducted by Kaspersky Lab and B2B International, 9% of organisations globally and 7% in South Africa said they have experienced a targeted attack in the last year.

“Kaspersky Lab has vast experience in threat intelligence and a long history of discovering some of the world’s most high-profile advanced persistent threats”, says Christian A. Christiansen, IDC program vice president, security products. “IDC’s Specialised Threat Analysis and Protection Market (STAP) quantifies the opportunity for countering advanced persistent threats and targeted attacks. IDC believes the market will grow to over $3 billion by 2019, with a 5-year CAGR of 28%. This high growth rate is driven by significant adoption of STAP products to address the growing need for advanced threat detection.”

Conventional protection technologies are very good at preventing generic threats and attacks from breaching the corporate perimeter. Although the number of such threats is still growing, businesses are becoming more concerned about targeted attacks and advanced cyber-weapons used for the purposes of cyber-espionage or the disruption of business activity. While these threats represent a tiny fraction (less than 1%) of the entire landscape, they present the highest risk to companies worldwide. What is even more important, the number of such attacks is growing steadily, and the price-per-attack is diminishing.

Solving the “one percent” problem requires advanced technology and proper security intelligence that has either been accumulated within the company or requested from a security vendor. The Kaspersky Anti Targeted Attack Platform is designed to identify and highlight unusual actions that constitute strong evidence of malicious intent.

The Kaspersky Anti Targeted Attack Platform is a premium solution based on the most advanced technology to date that draws on Kaspersky Lab’s expertise in the detection and analysis of the world’s most sophisticated threats.

Riaan Badenhorst, MD, Kaspersky Lab Africa.
Riaan Badenhorst, MD, Kaspersky Lab Africa.

“One of many challenges that businesses face nowadays is a requirement to overcome an array of cyber threats, including very advanced ones, for which they need knowledge of possible attack vectors, indicators of compromise, and the ability to distinguish normal operations from malicious activity. In order to win this battle, organisations need to have strong security expertise combined with technology that is capable of spotting a criminal act in the avalanche of daily activity in a large corporation. This challenge is being addressed with the Kaspersky Anti Targeted Attack Platform, together with the security services aimed at sharing security intelligence with our customers faster than ever before”, commented Riaan Badenhorst, MD, Kaspersky Lab Africa.

The Kaspersky Anti Targeted Attack Platform

The Kaspersky Anti Targeted Attack Platform analyses data collected from different points of the corporate IT infrastructure. The solution’s sensors are responsible for data acquisition over network traffic, web and e-mail as well as endpoints. This allows the solution to detect complex attacks at any stage, even when no malicious activity is taking place, like data exfiltration. Suspicious events are then processed via different engines, including an Advanced Sandbox and a Targeted Attack Analyser for a final verdict.

The Advanced Sandbox provides a safe, isolated and virtualised environment for analysing suspicious objects and detecting their intent. The Targeted Attack Analyzer utilises data processing and machine learning technologies to assess and combine verdicts from different analysis engines. This is where the final decision to alert the staff is made. Additional technologies that help to reduce false positive alerts include Kaspersky Lab’s own anti-malware engine to rule out generic attacks that can be blocked by traditional solutions, URL analysis, threat data feeds delivered from Kaspersky Lab’s cloud security network, an Intrusion Detection System and support for custom rules to detect specific activity in a corporate network.

The Kaspersky Anti Targeted Attack Platform is available as an independent solution or in combination with expert services aimed at rapid incident detection and response. The availability of intelligence services also enables customers to adapt the solution to specific business needs.

Learn more about Kaspersky Anti Targeted Attack Platform at its website: http://www.kaspersky.co.za/enterprise-security/anti-targeted-attacks





Share this article:
Share via emailShare via LinkedInPrint this page


Further reading:

South African fire standards in a nutshell
Fire & Safety Editor's Choice Training & Education
The importance of compliant fire detection systems and proper fire protection cannot be overstated, especially for businesses. Statistics reveal that 44% of businesses fail to reopen after a fire.

Read more...
The growing role of hybrid backup
Infrastructure Information Security
As Africa’s digital economy rapidly grows, businesses across the continent are facing the challenge of securing data in an environment characterised by evolving cyberthreats, unreliable connectivity and diverse regulatory frameworks.

Read more...
Choicejacking bypasses smartphone charging security
News & Events Information Security
Choicejacking is a new cyberthreat that bypasses smartphone charging security defences to confirm, without the victim’s input or consent, that the victim wishes to connect in data-transfer mode.

Read more...
Most wanted malware
News & Events Information Security
Check Point Software Technologies unveiled its Global Threat Index for June 2025, highlighting a surge in new and evolving threats. Eight African countries are among the most targeted as malware leaders AsyncRAT and FakeUpdates expand.

Read more...
LidarVision for substation security
Fire & Safety Government and Parastatal (Industry) Editor's Choice
EG.D supplies electricity to 2,7 million people in the southern regions of the Czech Republic, on the borders of Austria and Germany. The company operates and maintains infrastructure, including power lines and high-voltage transformer substations.

Read more...
Standards for fire detection
Fire & Safety Associations Editor's Choice
In previous articles in the series on fire standards, Nick Collins discussed SANS 10400-T and SANS 10139. In this editorial, he continues with SANS 322 – Fire Detection and Alarm Systems for Hospitals.

Read more...
Wildfires: a growing global threat
Editor's Choice Fire & Safety
Regulatory challenges and litigation related to wildfire liabilities are on the rise, necessitating robust risk management strategies and well-documented wildfire management plans. Technological innovations are enhancing detection and suppression capabilities.

Read more...
SMARTpod talks to Sophos and Phishield
SMART Security Solutions Technews Publishing Sophos Videos Information Security News & Events
SMARTpod recently spoke with Pieter Nel, Sales Director for SADC at Sophos, and Sarel Lamprecht, MD at Phishield, about ransomware and their new cyber insurance partnership.

Read more...
Cybersecurity and insurance partnership for sub-Saharan Africa
Sophos News & Events Information Security Security Services & Risk Management
Sophos and Phishield Announce first-of-its-kind cybersecurity and insurance partnership for sub-Saharan Africa. The SMARTpod podcast, discussing the deal and the state of ransomware in South Africa and globally, is now also available.

Read more...
Corporate and academic teams can register for Kaspersky contest
Kaspersky News & Events Information Security
Kaspersky has announced the registration opening for its new Kaspersky{CTF} (Capture the Flag) competition, inviting academic and corporate teams from around the globe to compete in a battle of skill, strategy and innovation.

Read more...











SMART Security Business Directory


While every effort has been made to ensure the accuracy of the information contained herein, the publisher and its agents cannot be held responsible for any errors contained, or any loss incurred as a result. Articles published do not necessarily reflect the views of the publishers. The editor reserves the right to alter or cut copy. Articles submitted are deemed to have been cleared for publication. Advertisements and company contact details are published as provided by the advertiser. Technews Publishing (Pty) Ltd cannot be held responsible for the accuracy or veracity of supplied material.

Published by Technews

»  Dataweek Electronics & Communications Technology
»  Electronics Buyers' Guide (EBG)

»  SMART Security Solutions
»  SMART Security Business Directory

»  Motion Control in Southern Africa
»  Motion Control Buyers' Guide (MCBG)

»  South African Instrumentation & Control
»  South African Instrumentation & Control Buyers' Guide (IBG)



© Technews Publishing (Pty) Ltd. | All Rights Reserved.