Home Business IT Security The threat from within

Regardless of how good your end-point security may be all security companies agree that the human element is the weakest link. Most cyberattacks rely on compromised credentials.

Just last week it was revealed that the price for Apple employees to betray it was a modest US$23,000. As one staffer said, “You get emails offering you thousands to get a password to get access to Apple. I could sell my Apple ID login information online for €20,000 (£15,000 / US$23,000) tomorrow. That’s how much people are trying.” 

Apple is well known for working in silos limiting the damage such a breach could cause but the campaign appears to have targeted employees that could have accessed individual Apple user accounts, intellectual property, and corporate strategy.

Via Advanced Persistent Threat attacks (APTs) cybercriminals are breaking into corporate networks using stolen credentials and targeting high-value, sensitive data. According to ISACA, 74 percent of enterprises surveyed think they will be a target for APTs, and 28 percent have already been attacked.

Enter Exabeam, a User Behaviour Analytics (UBA) provider that helps companies find hidden intruders using big data science regardless of whether they change locations, devices, or logins. Cybersecurity breaches have gone well past stolen credit card numbers, with hackers targeting employee credentials to give them the keys to the enterprise castle. Exabeam can find and track these impostors throughout the system and use those clues to find others.

Last September it finalised a US$25 million financing round to support its rapid growth and to update its UBA solution and brings total investments in the company to $35 million.

It has just released Threat Hunter to help security professionals proactively identify and respond to adversaries within their networks. It enables analysts to search, pivot, and drill down across multiple dimensions of user activity to find sessions that contain specific risky behaviours.  

“The promise of UBA is that the system will notify security analysts about risky activities, and Exabeam excelled at that in ESG Lab testing,” said Tony Palmer, senior lab analyst, Enterprise Strategy Group. “Exabeam's Threat Hunter provides the other half of the equation—the ability to ask the system which users match a specific set of risk criteria and get useful answers.”

Threat Hunter provides:

  • Increased security – find advanced persistent threats before they cause data loss.
  • Reduced chance of data breach – find attackers that are hiding in the network by staying under the radar.
  • Faster response to cyber-attacks – effectively remove all adversaries once an attack is detected by finding all traces of activity.

“To date, UBA products have only offered something like a recommendation engine for security alerts. It’s like using Netflix but you can only see the suggestions for you, never search for what you want,” said Nir Polak, CEO of Exabeam. “With Threat Hunter, Exabeam gives you the power of advanced search to find the imposters in your infrastructure. It’s is the only UBA solution that solves security searching as well as alerting.”

Exabeam’s UBA solution leverages existing log data to quickly detect advanced attacks, prioritize incidents and guide effective response. The company’s Stateful User Tracking automates the work of security analysts by resolving individual security events and behavioural anomalies into a complete attack chain. This dramatically reduces response times and uncovers attack impacts that would otherwise go unseen.

47 REASONS TO ATTEND YOW! 2018

With 4 keynotes + 33 talks + 10 in-depth workshops from world-class speakers, YOW! is your chance to learn more about the latest software trends, practices and technologies and interact with many of the people who created them.

Speakers this year include Anita Sengupta (Rocket Scientist and Sr. VP Engineering at Hyperloop One), Brendan Gregg (Sr. Performance Architect Netflix), Jessica Kerr (Developer, Speaker, Writer and Lead Engineer at Atomist) and Kent Beck (Author Extreme Programming, Test Driven Development).

YOW! 2018 is a great place to network with the best and brightest software developers in Australia. You’ll be amazed by the great ideas (and perhaps great talent) you’ll take back to the office!

Register now for YOW! Conference

· Sydney 29-30 November
· Brisbane 3-4 December
· Melbourne 6-7 December

Register now for YOW! Workshops

· Sydney 27-28 November
· Melbourne 4-5 December

REGISTER NOW!

LEARN HOW TO REDUCE YOUR RISK OF A CYBER ATTACK

Australia is a cyber espionage hot spot.

As we automate, script and move to the cloud, more and more businesses are reliant on infrastructure that has the high potential to be exposed to risk.

It only takes one awry email to expose an accounts’ payable process, and for cyber attackers to cost a business thousands of dollars.

In the free white paper ‘6 Steps to Improve your Business Cyber Security’ you’ll learn some simple steps you should be taking to prevent devastating and malicious cyber attacks from destroying your business.

Cyber security can no longer be ignored, in this white paper you’ll learn:

· How does business security get breached?
· What can it cost to get it wrong?
· 6 actionable tips

DOWNLOAD NOW!

Ray Shaw

joomla stats

Ray Shaw ray@im.com.au  has a passion for IT ever since building his first computer in 1980. He is a qualified journalist, hosted a consumer IT based radio program on ABC radio for 10 years, has developed world leading software for the events industry and is smart enough to no longer own a retail computer store!

 

Popular News

 

Telecommunications

 

Sponsored News

 

 

 

 

Connect