about - MEDIA COVERAGE

"Geopolitische Spannungen und Handelskriege werden das Wachstum der kommerziellen Cyberspionage vorantreiben," sagt Gerard Bauer, Vizepräsident der EMEA-Region von Vectra. "Diese Angriffe werden von vielen Opferunternehmen nicht erkannt, da sie keine versteckten Bedrohungen in Netzwerken erkennen können."

"We will see an increase in the use of deep learning, such as recursive neural nets, that enable algorithms to continuously learn and evolve," says Chris Morales, head of security analytics at Vectra. "2019 will see deep learning become the best practice for detecting cyberattacks."

The problem wasn't that the data centers lacked the authentication or encryption tools. "The controls existed but were not implemented and used equally and regularly," Chris Morales, head of security analytics at Vectra, says.

Für Gérard Bauer, Vizepräsident von EMEA bei Vectra, zeigt der Erfolg alter Malware eines der grundlegenden Probleme vieler IT-Sicherheitslösungen, die immer noch auf klassischen Cybersecurity-Konzepten beruhen.

Chris Morales, head of security analytics at Vectra, says the biggest risk posed by mobile devices in a corporate network is malicious apps gaining access to enterprise data. Make sure mobile devices do not share network connectivity with critical infrastructure or systems with sensitive information.

The Vectra Cognito platform incorporates artificial intelligence (AI), deep machine learning and traffic monitoring into a tool that is able to detect threats that other programs miss, even if they are already entrenched inside a protected network.

"VirusTotal provides value only if you have the necessary staff to extract value from it," says Oliver Tavakoli, chief technology officer at Vectra. "This is reflective of the fact that the VirusTotal data repository is of most value to large and expert IT security teams."

"Dieser Cyberangriff ist eine Form der Spionage von Nationalstaaten", sagt Gerard Bauer, Vizepräsident von EMEA bei Vectra. "Der einzige Unterschied ist jetzt, dass es im Cyberspace passiert, anstatt in ein Gebäude einzubrechen und physische Dokumente zu stehlen."

Vectra’s artificial intelligence-based platforms detected “a higher-than-normal rate of malicious internal reconnaissance behaviors” from attackers inside of manufacturers’ systems and that this “indicates that attackers are mapping-out manufacturing networks in search of critical assets to steal or damage.”

"Hacks are getting bigger because the volume of data generated on the Internet every single day is so large," says Chris Morales, head of security analytics at Vectra. "Just like a user employs a search engine to get information, a cyber spy will search massive online databases for information."

“Cryptomining efforts are popular across higher education," according to a study published in March from Vectra. Vectra reported that 85% of cryptocurrency mining instances happened in higher education between August 2017 and January 2018, compared to just three percent in the technology sector.

"Prevention will never be 100%," says Chris Morales, head of security analytics at Vectra. "That is unrealistic. The report states the breach was entirely preventable. I don't believe that is true. It is the same notion as building a wall would stop the drug trade. The criminal build tunnels instead."

"We can improve our ability to detect and respond to breaches by looking for the type of behaviors an attacker performs," says Chris Morales, head of security analytics at Vectra. "The most critical threat behaviors should be correlated with compromised hosts in real time before they become a problem."

“It is a classic ‘could have, should have’ scenario,” says Chris Morales, head of security analytics at Vectra. “As long as a motive exists, attackers will continuously attempt to compromise networks until they succeed. The failure comes down to people and process, not necessarily technology."

Für Gérard Bauer, Vizepräsident von EMEA bei Vectra, zeigt der Erfolg der "alten" Emotet-Malware eines der grundlegenden Probleme vieler IT-Sicherheitslösungen, die immer noch auf klassischen Cyber-Sicherheitskonzepten basieren.

“Gaming has always been an arena for hacking and attacks,” says Chris Morales, head of security analytics at Vectra. “In today's competitive and financially lucrative gaming world, that means bypassing developer controls to gain a competitive advantage or disrupt other players.”

"Zero days are saved for the most critical needs," says Chris Morales, head of security analytics at Vectra. Most attackers don’t like to waste this type of knowledge when they can simply convince a user to give them access to their system instead."

“Enterprises are unable to spot worm reconnaissance and lateral movement behaviors," says Matt Walmsley, EMEA director at Vectra. "Security analysts can't operate at the speed and scale required to manually identify the threat and close down their lines of communication and movement."

To detect cyberthreats, their AI software sifts through massive stores of computer network data. Wall Street analysts are eyeballing and a handful of other private firms. With AI tools, the new AI companies are taking customers away from cybersecurity industry incumbents, analysts say.

"La réponse aux incidents prend trop de temps et, dans de nombreux cas, les équipes de sécurité tentent de comprendre ce qui s'est passé et comment l'empêcher de se reproduire plutôt que de détecter et d'intervenir tôt dans le cycle de l'attaque pour éviter le vol et les dommages," a déclaré Gregory Cardiet. un expert en cybersécurité chez Vectra.

"Les attaquants avancent lentement et par étapes pour obtenir des privilèges et adopter une variété de comportements avant d’accéder aux données souhaitées, de les exfiltrer," explique Gregory Cardiet, expert en cybersécurité chez Vectra. "La détection de ces comportements à un stade précoce est essentielle."

"Si les dates sont vraies, entre la date de détection initiale ou le 8 septembre 2018 et la divulgation publique de la faute, l'exigence de notification GDPR de 72 heures était très loin d'être respectée," déclare Gregory Cardiet, expert en cybersécurité chez Vectra.

"Disposer de systèmes qui surveillent le comportement d'exfiltration plutôt que d'essayer d'inspecter les charges utiles de données peut être un moyen de relever ce défi," déclare Gregory Cardiet de Vectra. "La détection de ces comportements à un stade précoce est essentielle."

"Was die Datenschutzverletzung selbst anbelangt, war die Exfiltration der Daten innerhalb der Verschlüsselung möglicherweise ein Versuch, Sicherheitskontrollen wie Systeme zum Schutz vor Datenverlust zu umgehen", sagt Gerard Bauer, Vizepräsident der EMEA.

Incident response continues to take too long as security teams try to figure out what happened and how do we stop it happening again, says Chris Morales, head of security analytics at Vectra. "It's important to spot and close down an attacker earlier in its lifecycle to minimize or stop a breach from occurring."

"Data exfiltration inside encryption can circumvent security controls like data loss prevent," Morales says Chris Morales, head of security analytics at Vectra. "Systems that watch for exfiltration behaviors, rather than trying to inspect the data payloads, can provide a way to handle this challenge."

Although Marriott reported the malware resided in its U.S.-based reservation system, if any EU guests were involved it could open the company up to fines due to GDPR, said Chris Morales, head of security Analytics at Vectra.

"With a real treasure trove of valuable personal information having been lifted, this is undoubtedly going to damage the Marriott Starwood brands, and could have a significant direct impact for their affected customers identity assurance," says Matt Walmsley, EMEA director at Vectra.

“With a real treasure trove of valuable personal information having been lifted, this is undoubtedly going to damage the Marriot Starwood brands, and could have a significant direct impact for their affected customers identity assurance,” says Matt Walmsley, EMEA director at Vectra.

Among the victims of ad fraud are companies that have to pay for every user who views their ads. "Every company has a budget for online ads, and this type of scheme would cannibalize that budget with no return on leads or sales," says Chris Morales, head of security analytics at Vectra.

"Misconfiguration of systems is as big of a risk as system vulnerabilities," says Chris Morales, head of security analytics at Vectra. "APIs for external service integration is important to offer services to customers, but poor security practices in API access and design puts enterprises in danger."

Vectra se démarque de Darktrace en proposant des modèles mathématiques de détection développés et testés sur un groupe de sociétés utilisant la solution, testés et calibrés avant d'être déployés en production pour l'ensemble du client de base.

"The cybersecurity skills gap is alive and well, it’s challenging to hire and retrain cybersecurity talent," says Matt Walmsley, EMEA director at Vectra. "Within the next three years there will be in excess of 350,000 unfilled European cyber-security jobs than candidates."

The findings in the Vectra 2018 Spotlight Report on Energy and Utilities “underscore the importance of detecting hidden threat behaviors inside enterprise IT networks before cyberattackers have a chance to spy, spread and steal,” says Chris Morales, Vectra head of security analytics.

Vectra leverages its automated and self-learning algorithms to provide real-time detection and response capabilities. It can also score every detection and host in terms of the threat severity and enrich threat investigation and threat hunting scenarios.

Smaller yet expanding devices may be more appealing to hackers than to consumers, warned Mike Banic, vice president of marketing at Vectra. The number of mobile vulnerabilities is highest on Android apps, largely due to its open source nature and the questionable security of third-party app stores.

"Our best course of action is to work with the national governments to ensure any biometric system is highly secure and has auditing and oversight to ensure the proper use of the biometric data,” says Chris Morales, head of security analytics at Vectra.

"Organizations are moving towards more automation for very rational reasons," says Matt Walmsley, EMEA director at Vectra. "We need to understand how new AI tools work. This is new technology and we need to understand the fundamentals so we can understand how they work."

“When attackers move laterally inside a network, it exposes a larger attack surface that increases the risk of data acquisition and exfiltration,” says Branndon Kelley, CIO of American Municipal Power.

“Nation-state actors are well-resourced, innovative and highly motivated, and organizations have limited time, finite human and technical resources and capabilities with which to protect their rapidly expanding attack surface," says Matt Walmsley, director of EMEA at Vectra.

“Manually monitoring the network creates a challenge for resource-constrained organizations that cannot hire large security teams,” says Chris Morales, head of security analytics at Vectra. “Numerous security analysts are needed to perform the manual analysis required in identifying attacks."

When looking specifically at the enterprise networks of energy and utility companies, Vectra detected 194 command-and-control attack behaviours against energy and utility companies for every 10,000 host devices – 25 more attack behaviours than the average across all industries.

“Rest assured that they won’t be submitting their own offensive samples," says Vectra CTO Oliver Tavakoli. "And they won’t be submitting bespoke samples that were crafted to target them except for well after the fact so as not to tip their hand to the attacker."

Tirant les leçons de l'attaque NotPetya, Saint-Gobain a revu son plan de cyberdéfense. Sur la partie détection, le SOC peut maintenant compter sur l'IA de Vectra pour affiner les remontées d'alertes. Un changement pas uniquement technologique.

Critical infrastructure Supervisory Control and Data Acquisition systems are a perennial target for hackers. According to a study released by threat monitoring firm Vectra on Nov. 1, there were almost 200 network hacking attempts for every 10,000 SCADA host devices.

Usually, such attacks are meticulously planned months in advance and under-protected networks are allowing criminals to cross the threshold of infrastructure networks, according to a new research report from Vectra.

The recent 2018 Spotlight Report on Manufacturing from Vectra suggested that the manufacturing industry suffers an inordinate volume of malicious internal network activity, lateral movement and reconnaissance activity; Deloitte also touched on these vulnerabilities in a recent article.

"We believe Vectra embodies the vision, drive and innovation that define a successful entrepreneurial venture. Vectra should be proud of its accomplishment,” says Alex Vieux, Red Herring publisher and CEO. Red Herring’s Top 100 Global list has become a mark of distinction for identifying promising companies and entrepreneurs.

Recent attack activity tracked by security threat monitoring firm Vectra of more than 4 million devices and systems shows that the IT networks in energy and utilities are being hit regularly by attackers intent on blending in as they conduct deep reconnaissance on their ultimate targets: The industrial networks.

"AI augments the human capabilities to work at the scale and speed that manual approaches simply can't touch," says Chris Morales, head of security analytics at Vectra. "This would invaluable, given that a lack of time is one of the top job concerns being cited from IT and security professionals."