The Moonlight Maze cyber-espionage attacks sent shockwaves through the US in the late 1990s – two decades later, researchers uncover the original attack tools and find a link to a modern APT
Woburn, MA – November 29, 2017 – As part of its mission to arm businesses with the cutting-edge cybersecurity solutions they need, Kaspersky Lab has patented new innovative technology that automates the detection of one of the most effective weapons in a cybercriminal’s arsenal – remote control tools. The new technology uses machine learning to support businesses in fighting against advanced threats.
Cybercriminals have the ability to take remote control of victims’ computers in order to conduct malicious activities unnoticed, often reaching out to Command-and-Control servers through encrypted communication channels. This kind of threat is especially dangerous in corporate networks, where intellectual property can be unearthed and unlimited damage caused, if remote control goes undetected.
To efficiently and effectively detect remote control programs, antimalware solutions need to leverage complex behavioral protection systems. With this new, patented technology, Kaspersky Lab can offer businesses a solution capable of detecting remote control applications, even if they run on an encrypted channel.
The technology works by analyzing application activity and searching for anomalous behavior across a user’s computer. It picks up on any dependencies between activities occurring on the computer and their causes. By comparing these dependencies with defined patterns of behavior, the technology can then make a decision about the registration of the remote attacker's computer. It can then identify the remote control being used via unknown or even compromised safe applications, or their components.
“The detection of remote control attacks in encrypted channels is crucial for targeted attack protection, as this is the early stages of the kill chain,” said Artem Serebrov, head of research and development of the Kaspersky Anti Targeted Attack platform at Kaspersky Lab. “Remote control tools are distributed within the network during the search for, and theft of, valuable data. That’s why it is important to be able to detect such behavior in a very beginning. This technology will allow security officers to prevent incidents where previous layers of protection have failed to work.”
The newly patented technology will become the part of Kaspersky Anti Targeted Attack solution in 2018. Kaspersky Anti Targeted Attack is part of the Kaspersky Lab enterprise security portfolio, which covers different areas of IT security such as endpoint protection, cloud security, advanced threat defense and cybersecurity services.
To learn more about our Next Generation enterprise portfolio, please visit our website.
About Kaspersky Lab
Kaspersky Lab is a global cybersecurity company celebrating its 20 year anniversary in 2017. Kaspersky Lab’s deep threat intelligence and security expertise is constantly transforming into next generation security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection and a number of specialized security solutions and services to fight sophisticated and evolving digital threats. Over 400 million users are protected by Kaspersky Lab technologies and we help 270,000 corporate clients protect what matters most to them. Learn more at www.kaspersky.com.
For the latest in-depth information on security threat issues and trends, please visit:
Securelist | Information about Viruses, Hackers and Spam
Follow @Securelist on Twitter
Threatpost | The First Stop for Security News
Follow @Threatpost on Twitter
Articles related to Corporate News
Kaspersky Lab experts announced research detailing how attackers are using unique tactics to withdraw money through remote administration from ATMs.
Kaspersky Lab Introduces New Partner Program to Drive Business Growth for Managed Security Services Providers
Kaspersky Lab Awarded MSPWorld Cup for “Best MSP Solution” at MSPWorld 2017 Conference & Expo