Skip to main content

Kaspersky Lab Researchers Offer Threat Intelligence Services on Global Scale

Woburn, MA – July 26, 2016Kaspersky Lab today announced that its Global Research and Analysis Team (GReAT) is now tracking and offering reports on the activity of over a hundred threat actors and sophisticated malicious operations that enterprises should be aware of. These campaigns are a global threat – targeting commercial and government organizations across 85 countries.

Previously there were only dozens of threat actors concerning businesses but today these numbers have reached the highest level at a rapid pace. As the number of campaigns rises, sophisticated threat actors are improving their techniques and extending their arsenal, as well as new actors are emerging.

Based on the analysis of the intelligence gathered on these campaigns, Kaspersky Lab researchers have been able to create a list of the top organizations at risk of becoming a target of cyber espionage, or a sophisticated cybercriminal operation. These businesses include:

  • Government and diplomatic organizations
  • Financial institutions
  • Energy companies
  • Telecommunications companies
  • Aerospace organizations
  • Military contractors
  • Educational organizations
  • Healthcare organizations
  • Activists
  • IT companies
  • Diplomatic organizations

Targeted attacks are a major problem because the tactics of almost any of the existing groups involve utilizing tools that overcome traditional endpoint and network protection solutions. Even if solutions are effective in regards to usual, and some sophisticated, malware, they cannot provide a 100 percent detection guarantee when it comes to targeted attacks. This is because actors behind sophisticated campaigns are professionals in social engineering, they may use zero-day vulnerabilities, and they’re increasingly using legitimate tools for remote access instead of actual malware. That is why reliable security software in a corporate IT infrastructure must be accompanied by intelligence nowadays – security teams need to be backed up with expertise, so that they know when to be alarmed, and what clues to look for if their organization becomes a threat actor target.

We’ve been tracking sophisticated targeted attacks for more than six years now and we have seen this kind of activity become a widely used tool for espionage and money theft,” said Costin Raiu, director of global research and analysis team at Kaspersky Lab. “Targeted attacks can affect many different types of organizations, it’s not just governments that are affected. Multiple commercial organizations – especially from the enterprise sector – are in danger as well. They might become an organization of interest for attackers because they cooperate with government and military entities, or because they hold valuable intellectual property, or just because they have access to large financial assets. In this situation getting an early warning on an emerging malicious campaign targeting a certain type of organizations is crucial for entities that are willing to protect their sensitive data reliably. Intelligence based services that make it possible for enterprise security teams to access data about the latest sophisticated threats is a must nowadays.”

The Intelligence collected by Kaspersky Lab’s security experts is available as a special product for enterprise and government customers. It is available via subscription-based access to the special APT Reporting Portal, which contains detailed reports on threat actors, and actionable data to identify attacks on a company’s infrastructure.

Intelligence as a Service

As a leading endpoint security and threat intelligence company, Kaspersky Lab provides its clients with a comprehensive database of valuable threat data – the APT Intelligence Reporting service. Kaspersky Lab’s subscriber-only APT Reporting Portal is a convenient interface for Kaspersky Lab’s customers to access, view and obtain actionable data from our private reports.

All private reports come with context data, which makes it possible for clients to understand an actor’s tactics, the type of organizations it hunts for, and the geography of its activity. This is accompanied with actionable intelligence like Indicators of Compromise, YARA rules and mitigation strategies, which enable the security team of a company to scan its infrastructure for signs of an attack that has already happened, and to protect it from possible upcoming attacks.

Learn more about the Kaspersky Lab APT Intelligence Reporting service here: http://www.kaspersky.com/enterprise-security/apt-intelligence-reporting

About Kaspersky Lab

Kaspersky Lab is a global cybersecurity company founded in 1997. Kaspersky Lab’s deep threat intelligence and security expertise is constantly transforming into security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection and a number of specialized security solutions and services to fight sophisticated and evolving digital threats. Over 400 million users are protected by Kaspersky Lab technologies and we help 270,000 corporate clients protect what matters most to them.

Learn more at www.kaspersky.com.

For the latest in-depth information on security threat issues and trends, please visit:
Securelist | Information about Viruses, Hackers and Spam
Follow @Securelist on Twitter

Threatpost | The First Stop for Security News
Follow @Threatpost on Twitter

Media Contact:
Denise Bertrand
781.503.1836
denise.bertrand@kaspersky.com

Kaspersky Lab Monitors Over 100 Sophisticated Malicious Campaigns Targeting Enterprises

Kaspersky Lab Researchers Offer Threat Intelligence Services on Global Scale
Kaspersky Logo