Know Thy Enemy: Why Company-Centric Threat Intelligence is a Critical Element of Cybersecurity Today’s defenders can have reams of information and log data available to them, with databases chronicling known threats and attack patterns. Unfortunately, the information available in these databases is most effective against documented threats or those with extremely well-established baselines. If an …
FREMONT, Calif – Sept. 24, 2019 – Attivo Networks, the award-winning leader in deception for cybersecurity threat detection, announced today its selection by TAG Cyber as a Distinguished Vendor in this year’s 2020 Security Annual for the fourth consecutive year. Published each September, the report offers expert guidance, analysis, and education on 50 different aspects of the cybersecurity ecosystem, making it one of the most comprehensive and respected informational reports available in the industry.
Interconnected devices are becoming the standard across all facets of technology. We are seeing this in everything from smart cities to tea pots and toasters. New IoT devices are popping up daily, rapidly adding to the 23 billion that already exist. These devices are designed for availability, accuracy and efficient work. Unfortunately, unprecedented numbers of these devices are hitting the market with poor security access control and little to no management oversight, making them a prime target for cyberattack. The goal of an attack is to control the device, but more common and concerning are the new ways an attacker can use devices to gain access to corporate, medical or operational networks. As a result, organizations must change the way they approach their security controls. It is no longer feasible to assume a security team can find every endpoint device, much less secure them.
The days of Jesse James’s train and bank robberies and John Dillinger kicking down doors with his trademark Tommy gun may be long gone, but bank heists are alive and well in the 21st century — albeit with a new flair. Instead of dramatic physical robberies, today’s criminals have shifted the battleground to cybersecurity, infiltrating the networks of financial institutions globally to steal money and personal information. The attacks remain staggering. Back in 2012, individuals and businesses are believed to have lost approximately $78 million during Operation High Roller. Fast forward to today, and the hacking group known as Bandidos Revolution Team is reported to have stolen hundreds of millions of pesos by infiltrating interbank payment systems and hacking into ATMs. Notably, this group is not believed to be connected to another, separate 300-million-peso heist from five banks last year.
Attivo Networks, the award-winning leader in deception for cybersecurity threat detection, today announced that Joseph Salazar, Technical Marketing Engineer, will present at this year’s H-ISAC (Health – Information Sharing and Analysis Center) Spring Summit. During his session, “Gaining an Operational Advantage with Full Fabric Deception Technology,” Salazar will take a deep dive on deception technology, discussing how it can be used to mitigate cybersecurity risk across the healthcare industry.
In 2016, the cybersecurity division of the U.S. Department of Homeland Security released a warning that a class of medical devices had a whopping 1,418 vulnerabilities. Admittedly, the devices in question were end-of-life versions of BD Pyxis SupplyStation health care inventory management system. But this extreme example points to the type of collision course that can occur when complex software and connectivity drive core medical device functionality. DHS reasoned that an adversary of low skill could successfully attack the aging Pyxis devices. And over the past decade, security researchers have proven dozens of medical devices, from pacemakers to infusion pumps, are at risk of a cyberattack. Austrian cybersecurity researcher Tobias Zillner, for instance, revealed that a St. Jude Medical pacemaker model produced until 2017 could be hacked using a 2000-era cell phone and the device could be incapacitated within three hours by draining the battery via a cyberattack. A firmware update was later made available to harden that device…
Militaries have been using deception for millennia. Cybercriminals use it every day. But cybersecurity vendors are fighting back. Robert Scammell talks to Attivo Networks CTO Tony Cole to find out how military-inspired traps are snaring cyber threats before they get a chance to attack. During World War II, a ghost army fooled Adolf Hitler. A travelling roadshow of inflatable tanks, cannons and airplanes, largely manned by actors and artists, impersonated the Allied Army near the front line. Doing this drew attention away from the US troops, spreading the German forces thin and giving the Allies a tactical advantage.
Written by: Chris Roberts – Chief Security Strategist. We think of the Internet as our friend, we use it for social activities, to keep in contact with friends and family scattered across the globe. We use it to help others, to be helped by friends and strangers alike…so when someone sends us something our first instinct is to click it to open it…and that’s the point we lose. We lose our bank accounts; we lose our identity, our taxes and our life.
Attivo Networks has named FireEye veteran Tony Cole as its CTO as the company looks to boost its presence in the government, financial services, and oil and gas verticals. The Fremont, Calif.-based vendor brought Cole on board to help Attivo deliver more clarity to the market around how its platform is differentiated from competitors. Cole said he plans to take a deep dive into what the Attivo platform does and the capabilities it provides to ensure it’s continually growing.
As medical devices incorporate connectivity, they provide greater opportunities for convenience, service, and information for consumers and companies, but also are increasingly vulnerable to cyber threats. In this environment, Attivo Networks and Becton, Dickinson and Co. (BD) have validated a deception solution for medical technology cybersecurity threats through a partnership bringing Attivo’s Botsink solution to a select number of BD devices. The two firms collaborated through BD’s Product Security Partnership Program and created “mirror-match decoy authenticity” software for some of BD’s devices, a method designed to redirect an attack from reaching important information or networks.