In the immediate future you must be prepared to testify about what happened in your network. The need to go back in time to the point in the past when something happened is increasing rapidly. Now it is possible.
Corporations, communities, employees and business owners are losing valuable data, money and jobs each day, mostly without even knowing it. Some stolen material may help a rival company win deals in the airplane business. In Finland in the early 90’s, the first major data breach leaked emails containing pricing facts. French intelligence notified Finland, and instead of email the data was transferred via an “old school” method, thus avoiding espionage, and at least one American computer was changed into a Japanese one. After that it still took about two years before they started to win sales from their American counterparts. In this case the players were sovereign states fighting vigorously in the market, and Finland got its share of that dispute.
Maersk, British Airways, eBay, JPMorgan and the Finnish Foreign Ministry are examples of how “helpless” big corporations and authorities are at preventing professional hackers’ operations in their networks. In the Tekes case, it was never found out whether the weakness used had already been exploited at any other time. The reason for this diagnosis is the same as in the Foreign Ministry’s case: there is not enough log information about this particular case. Last year about 75 % of health care operatives were attacked by malware, and small businesses and communities are targeted in two attacks out of five.
New, modern ways of operating have created an illusion of things being better than before. In reality, the production of advanced malware pieces that have been reported is about 360 000 per day! 78 % of these were malware programs, 14 % viruses and the rest aggressive advertising. Behind these numbers you will find that the share of individual computing units under constant attack has reached 30 %.
Phishing entered a new era when a program named Evilginx2 was made available. This openly distributed piece of software enables hackers to bypass the two-stage login procedure. That proven method is available to state-driven operatives as well as script kiddies.
The average time a new kind of attack stays hidden in a network before it is detected is 197 days. Your organization has no ability to investigate what happened in your network during those days. In most cases the attackers follow the guidelines presented by Julian Assange in the early 90s, or at least the part of Assange’s manifesto saying “altering logs to cover your tracks”, while completely forgetting the end of that manifesto: “don’t change the information in those systems”.
It will be vital for any corporation or community to be able to investigate and find out in detail all incidents, even a year from today. The first large corporations have already requested their suppliers to prove that a detected attack did not originate from that supplier’s realm. Proving that something has not happened is impossible if you cannot provide full, authentic details of your network traffic. Such a method covers the not-guilty proof and a whole lot of “tricks” that are undetectable by log scavenging programs.
The patented CySec Ice Wall Oy Ltd solution enables a true forensic process even if the incident took place some time ago. It gives the best forensic detectives the authentic material of the whole incident, thus enabling detection of the root cause of the problem. In addition, the solution, based on commodity servers and hardware in the organization’s own environment or in a private cloud, is invisible to the hackers even though their operations are recorded in detail within it. By using the Vault, all the network traffic can be analyzed without worrying about the guilty parties’ involvement.
With this solution you can collect the Big Data that can be the base material for analysis by Artificial Intelligence solutions. We have created an API to connect our Vault data to any AI solution.
Benefits of our solution:
- Prove to your principal that the incident was not your fault and retain the business relationship.
- Provide your insurance company with a detailed analysis of any accident that has happened, thus getting more accurate and quicker compensation.
- Find out which backup set is not compromised and use it for recovery.
- Analyze how and which information was changed in your Active Directory.
- Study whether recently discovered Zero Day vulnerabilities have been used against you without your knowledge.
- Find out if a DoS/DDoS attack was a smoke screen operation to conceal a more sinister plan.
- Find pieces of a component attack and reveal the whole of that attack.
- Find anomalies in network traffic.
- Investigate collected Big Data by modern AI-systems.
Through us you may also get consultation on the Information Governance process and its evidence management subsection, along with top consultation on designing comprehensive security processes and on incidents that have already manifested themselves.
Come to our booth at Cyber Security Nordic and learn more!
Tekes is now Business Finland, a growth foundation.