Breach Force: "Grand Theft Data", CrowdStrike's Falcon + FireEye Joins ARCYBER Support Team
By: Tech Video Project
In this episode of "Breach Force", McAfee releases a sequel to "Grand Theft Data", we hear how CrowdStrike hopes to protect millions of endpoints with Falcon, and FireEye joins team to provide defensive and cyber threat intelligence operations support to U.S. Army Cyber Command.
In our top story, nearly three-quarters of all breaches require public disclosure, which is putting brand reputation at risk, according to a new study from McAfee titled "Grand Theft Data II – The Drivers and Shifting State of Data Breaches".
Despite improvements in combating cybercrime and threats, IT security professionals are still struggling to fully secure their organizations and protect against breaches. McAfee's research found 61 percent of respondents experienced a data breach at their current employer.
"Threats have evolved and will continue to become even more sophisticated,"
Check out this new episode of "Breach Force" on YouTube (https://youtu.be/
The McAfee report had six interesting takeaways:
1.) Savvier thieves: Data is now being stolen by a wide range of methods, with no single technique dominating the industry. The top vectors used to exfiltrate data are database leaks, cloud applications and removable USB drives.
2.) Who's on first? Personally identifiable information (PII) and intellectual property (IP) are now tied as the data categories with the highest potential impact to 43% of respondents.
3.) Blame game: IT is looked at as the culprit with 52 percent of respondents claiming IT is at fault for creating the most data leakage events.
4.) The great divide: Security technology continues to operate in isolation, with 81 percent reporting separate policies for cloud access security brokers and data loss prevention, resulting in delayed detection and remediation actions.
5.) Taking responsibility:
6.) Future proofing: IT professionals are taking action, with almost two-thirds stating they have purchased additional endpoint detection solutions over the last 12 months.
Meanwhile, for companies who are struggling to continuously monitor for firmware attacks, there is new hope. CrowdStrike is hoping its new tool called "Falcon" will break new ground in providing continuous monitoring that extends to the firmware level.
"Today's persistent nation-state actors have already begun migrating to the basic input/output system or BIOS attacks as their next preferred environment for persistence and malicious control of systems" said CrowdStrike VP Alex Ionescu. "It's only a matter of time until such techniques become commoditized by an even wider spectrum of attackers,"
Modern security tools have focused on detecting attacks at the operating system level and above, but provide little visibility into lower levels of the modern computing platform.
Attackers looking to maintain stealth and persistence have targeted BIOS to infect it with malicious code that is difficult to detect and can persist despite reboots and reinstallation of the operating system.
"(We are) providing our customers both firmware and hardware-level visibility into these vulnerabilities and attacks even before they have a chance to take off" added Ionescu. "Perhaps (we can) even discover dormant threats that had so far been unseen."
Today, most security products remain blind to attacks that attempt to leverage BIOS firmware to infiltrate endpoints, leaving organizations vulnerable to compromise. Falcon could be the first endpoint protection platform to provide visibility into these threats, enabling organizations to thwart BIOS attacks while continuously monitoring endpoints.
Falcon collects details on BIOS images and configuration, and delivers enterprise-wide firmware visibility via the cloud-native Falcon Platform console. It also improves IT hygiene through visibility over the assets, applications, and accounts being used in an organization's environment, improving overall security posture and helping businesses take a more proactive stance to security.
In other news, FireEye has been named a key partner in the United States Army Cyber Command's efforts to keep pace with today's adversaries and evolving cyber threats.
"The strength of U.S. national security depends in part on effective cyber warfare and staying ahead of evolving cyber threats" said FireEye's CTO Ron Bushar.
As part of a new $905 million, five-year award, Perspecta has subcontracted with FireEye to enhance cyber operations and global mission support. Under the Cyberspace Operations Support task order, FireEye will provide professional services to assist with cyber threat intelligence operations, defensive cyber operations, cyberspace incident response, and cyberspace exercise support and training.
ARCYBER is the Army headquarters beneath United States Cyber Command (USCYBERCOM)
In support of its global mission to strategically elevate the use of cyberspace capabilities within military operations, FireEye will provide ARCYBER with best-in-class incident and network response, including intelligence methodology and best practices.
"Breach Force" is produced by TVP, and sponsored by RestonLogic, cloud wizards leveraging over 10 years experience helping companies automate, transform and build highly-secure and stable systems. Click over to RestonLogic dot com to book a strategy session today.
Disclaimer: The blurbs highlighted on "Breach Force" are available for information purposes only, and don't necessarily reflect opinions of our editors.
Page Updated Last on: Jun 30, 2019