Technology
Published by Gbaf News
Posted on June 30, 2016
Global Banking and Finance Review
Global Banking and Finance Review is an online platform offering news, analysis, and opinion on the latest trends, developments, and innovations in the banking and finance industry worldwide. The platform covers a diverse range of topics, including banking, insurance, investment, wealth management, fintech, and regulatory issues. The website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website.
Published by Gbaf News
Posted on June 30, 2016
LightCyber, a leading provider of Behavioural Attack Detection solutions, has announced the results of its Cyber Weapons Report 2016, a first-of-its-kind industry study which uncovers the top tools attackers use once they penetrate a network and work towards successfully conducting a data breach or other malicious goals.
Jason Matlof, Executive Vice President at LightCyber
The study found that 99 percent of post-intrusion cyberattack activities did not employ malware, but rather employed standard networking, IT administration and other tools that could be used by attackers on a directed or improvisational basis. While malware was commonly used to initially compromise a host, once inside a network malicious actors did not typically utilise malware. As an example, Angry IP Scanner, an IP address and port scanner, was the most common tool associated with attack behaviour, followed closely by Nmap, a network discovery and security auditing tool.
Attackers use common networking tools in order to conduct “low and slow” attack activities while avoiding detection. Sophisticated attackers using these tools—rather than known or unknown malware—can typically work undetected for an average of five months, according to multiple industry reports.
Once inside a network, an attacker must learn about the network that they’ve compromised and map its resources and vulnerabilities. The highest frequency attacker activity found in this study was reconnaissance followed by lateral movement and then command and control communication.
“The new Cyber Weapons Report uniquely reveals that malware is not the mechanism that network attackers use once they circumvent preventative security and compromise a network,” said Jason Matlof, executive vice president, LightCyber. “Despite these increasingly well understood realities, our industry still has an unshakable obsession with malware. With the increasing incidence of successful data breaches and theft of company secrets, it’s clear that the conventional malware-focused security infrastructure is insufficient, and we must develop new techniques to find active attackers using their operational activities.”
Results for the study were tabulated over six months, analysing end-user networks totalling 100,000s of endpoints worldwide. Organisations ranged in size from 1,000 to 50,000 endpoints, spanning industries such as finance, healthcare, transportation, government, telecommunications and technology.
The study analysed network activity gathered from the LightCyber Magna™ Behavioural Attack Detection platform, which is uniquely capable of automatically discovering the source software executables associated with the anomalous network behaviour observed. Magna is the only known solution to combine signature-less full network analysis with agentless endpoint technology that links a network activity to an endpoint process. LightCyber Magna also automatically analyses these executable files via the Magna Cloud Expert System to augment the security operations investigative processes. The most common attack tools observed in the study were classified into the following four categories: networking and hacking tools, admin tools, remote desktop tools and malware.
For a copy of the report go to: http://lightcyber.com/wp-cyber-weapons-report-lp/
Report findings include:
The LightCyber Magna platform uses behavioural profiling to learn what is normal on the network and endpoints, and thereby detect anomalous attacker behaviours that are, by necessity, required to perpetrate a successful breach or conduct malicious goals, including command and control, reconnaissance, lateral movement and data exfiltration. These behaviours can be identified early toreduce attacker dwell timeand curtail attack activity. At the same time, Magna can identify harmful activity from insiders—rogue or unaware employees or contractors—that is either intentionally malicious or unknowingly dangerous. Magna presents a small number ofactionable alerts with supporting contextual and investigative details to greatly enhance the efficiency of a security operations team in its detection and remediation operations.