Posted on Thu, May 09, 2013
CounterTack, the industry's first and only provider of in-progress cyber attack intelligence and response solutions, today announced the next generation of CT Scout (formerly Event Horizon), a cyber defense solution utilizing Deep System Inspection that enables enterprise and government organizations to detect, assess and respond to advanced threat attacks.
...
"Today's organizations have largely accepted the fact that attackers are getting into their networks – that it's no longer a question of 'if' but 'when'," said Neal Creighton, CEO, CounterTack. "With the next generation of CT Scout, CounterTack enables organizations to implement active defense strategies, with rapid deployment honeynets and targeted production system monitoring."
Read more >
Posted on Wed, May 08, 2013
New Stealth Agent Enables Active Defense
WALTHAM, Mass. (May 8, 2013) – CounterTack, the industry’s first and only provider of in-progress cyber attack intelligence and response solutions, today announced the next generation of CT Scout (formerly Event Horizon®), a cyber defense solution utilizing Deep System Inspection that enables enterprise and government organizations to detect, assess and respond to advanced threat attacks.
Available now, Scout 4 introduces a new kernel-level Stealth Agent, which along with an enhanced analysis engine, enables active defense solutions against in-progress attacks. In a world where it is widely accepted that advanced threats continue to bypass security defenses, the ability to detect and respond to in-progress attacks is critical to reducing the attack dwell time – the time available for attackers to operate on the network and cause damage.
“After establishing a beach head, attackers move laterally through networks to identify and exploit targets, often for extended periods of time,” said former global CISO for BAE Systems, Eric Noonan, now CEO at CyberSheath Services International. “Getting visibility into these behaviors is critical to mounting timely countermeasures and minimizing damage.”
The new agent-based sensor architecture enables CT Scout 4 to support rapid and flexible deployment options that enable customers to implement active defenses and reduce attack dwell time. Deployed on both physical and virtual devices, the Stealth Agent provides great flexibility in deploying next-generation honeynets that not only help detect unknown threats, but also provide the intelligence on attacker means and motives necessary for implementing effective active defense countermeasures. The Stealth Agent can also be deployed directly on production systems as part of active defense strategies to accelerate countermeasures.
“Today’s organizations have largely accepted the fact that attackers are getting into their networks – that it’s no longer a question of ‘if’ but ‘when’,” said Neal Creighton, CEO, CounterTack. “With the next generation of CT Scout, CounterTack enables organizations to implement active defense strategies, with rapid deployment honeynets and targeted production system monitoring.”
Posted on Tue, May 07, 2013
With Cyber Attackers Still Penetrating the Most Sophisticated, Layered Defenses, CounterTack is Leading the Way in New Solutions for In-Progress Deeper Security Intelligence Monitoring and Faster Attack Response.
...
“The detection gap persists despite massive investments and continuing advancements in security technologies, with cyber attacker innovations outpacing cyber defenses. CounterTack is leading the way on new approaches for deeper security intelligence monitoring and faster attack response.”
Read more >
Posted on Thu, Apr 25, 2013
If ever we needed proof that Twitter is the new tickertape, we have it now: a hack of the the Associated Press account followed by a false tweet on explosions at the White House almost instantly wiped $136 billion off the DOW.
...
It is worth noting that if AP computers are breached (or the computers of any other Twitter user), then two-factor authentication would not necessarily have stopped the hack – malware planted on the computers would be able to subvert the process.
Sean Bodmer, chief researcher for CounterTack, puts the hack down to a retaliatory PsyOps operation. (If correct, the clear implication is that SEA is engaged in pure and simple cyberwarfare against the US.) “This is novel and cute,” he comments, “but more important, it is clearly a payback for the March 2013 PsyOps campaign against the Syrian people fighting the rebellion the United States is clearly supporting.” Almost exactly one month ago it was falsely reported that Assad had been shot by a bodyguard. JSS News stated, “According to reports in the Arab press (and then republished in the Israeli press), information that journalists say they have ‘verified’ the Syrian dictator Bashar al-Assad was killed this morning by one of his bodyguards.” This is the PsyOps operation against Bassad that Bodmer believes prompted the AP hack and tweet.
Read more >
Posted on Wed, Apr 24, 2013
I’m a bit of a night owl, so last Thursday night I was awake and watching one of the cable news channels when the shooting of an MIT police officer broke. Because the news channel did little more than share the story before going back to its regular programming, I did what millions of others did that night: I went to Twitter and was mesmerized over what unfolded in real life and over social media that night.
...
A second, much more serious, Twitter hack involved The Associated Press. Through the AP account, a false tweet was sent, reporting an explosion at the White House and injuries to President Obama. Sean Bodmer, chief research for CounterTack, told me in an email that the AP Twitter hack was performed by a Syrian hacker cell – most likely responding to an earlier publication in March that the Syrian president had been shot by his bodyguard. Bodmer added:
I would wager this was meant to harm our International platform and partners as I am sure similar events occurred in March the Syrian President had to respond and recover from. Social Engineering has been in use for decades and there are numerous effects, just like the Dow Jones dropping this afternoon in the wake of the AP Tweet. There were also numerous calls across the world attempting to verify and validate the AP (a trusted group) story. Moreover, this took away from U.S. action items for the day to respond to the flood of requests.
Read more >
Posted on Mon, Apr 22, 2013
Closing the Detection Gap on the International Stage
WALTHAM, Mass. (April 23, 2013) – CounterTack, the industry’s first and only provider of in-progress cyber attack intelligence and response solutions, today announced its first international customer and strategic partner – Preventia, a leading IT security specialist, boutique integrator and professional services provider in London.
Cyber attackers target organizations’ most valuable corporate information. Despite advancement in security technology there is still a detection gap, with cyber attackers outpacing cyber defenses. And, there is a growing need in the UK and European market for solutions to help companies close that detection gap.
“We see a clear opportunity to introduce new technology in the UK and Europe that helps companies better understand the security challenges facing them – and gives them the intelligence they need to address them. That’s where CounterTack comes in,” said Nick Peaster, Managing Director, Preventia. “We’re excited to partner with CounterTack because they solve problems in ways that no other company currently can. Together, Preventia and CounterTack will provide the innovative solutions enterprise companies need to detect breaches early and protect their proprietary information.”
This partnership signifies CounterTack’s first major move into the internal cyber security marketplace. In addition to deploying CounterTack Scout for monitoring and protecting its own network and systems, Preventia will represent CounterTack’s full suite of products in the UK and its existing customer base. Preventia’s customers include some of the UK’s largest and most prestigious companies, including banks, gaming companies, and retailers.
“Invasive network, workstation and server attacks aren’t unique to this side of the pond. CounterTack’s partnership with Preventia signifies the increasing worldwide demand for solutions such as Scout and Sentinel,” said Neal Creighton, CEO, CounterTack. “We’re excited to partner with Preventia. Its reputation as a provider of new, innovative technologies makes it a great choice for our first international partner.”
Preventia will be exhibiting at Infosecurity Europe April 23 – 25, 2013 at Earls Court Exhibition Centre in London. Stop by Stand E22 to learn more about CounterTack’s full suite of products available through Preventia.
Posted on Fri, Apr 19, 2013
IANS: Information Security Forum
April 29-30 - Roosevelt Hotel, New York
CounterTack is pleased to be a Sponsor of the IANS Information Security Forum, April 29-30 in New York.
The IANS New York Information Security Forum brings together experienced IT and information security practitioners for confidential information sharing on the industry's most important issues, technologies, and trends.
We hope you can join us at one of the four Technology Spotlight Sessions we will be hosting during the show:
- April 29th: 11:05 am-11:40 am and 11:50 am-12:25 pm
- April 30th: 2:20 pm-2:55 pm and 3:05 pm-3:40 pm
These sessions feature a live demo of
CounterTack Scout, the first commercially available solution, using CounterTack’s patented Deep System Inspection technology. Our unique, high-speed technology performs continuous, instruction-level monitoring of guest memory and invisibly collects data on attacker activity.
Learn more about the IANS New York Forum >
Contact us if you'd like to set up a meeting during the event.
Learn more about CounterTack Scout >
Learn more about CounterTack's Continuous Monitoring via NextGen Honeynets >
Posted on Tue, Apr 16, 2013
Infosecurity Europe 2013: Secure Thinking - Secure Working
April 23-25 - Earls Court Exhibition Centre -
London UK
Visit us in the Preventia Limited Booth (Stand E22)
CounterTack is pleased to be joining Preventia at the upcoming Infosecurity Europe, April 23-25 in London.
Are you ready for the information security challenges the future holds? The 18th Infosecurity Europe is Europe’s largest Information Security industry gathering. Featuring over 350 exhibitors, the most diverse range of new products and services, an unrivalled education programme and 12,500 unique visitors from every segment of the industry.
Keynote speakers include representatives from FBI • Dyson • TNT Express • Scotia Gas Networks • Channel 4 • Ofgem Metropolitan Police • Monster Worldwide • Information Commissioner's Office • EMI Music • EasyJet • Sapient, and more.
Learn more about the Infosecurity Europe event >
Contact us if you'd like to set up a meeting during the event.
Learn more about CounterTack's Continuous Monitoring via NextGen Honeynets >
Posted on Mon, Apr 08, 2013
Automating Detection and Diagnosis of Advanced Cyber Attacks to Accelerate Active Defense Processes
WALTHAM, Mass. (April 8, 2013) – CounterTack, the industry’s first and only provider of in-progress cyber attack intelligence and response solutions, announced today that its cyber threat intelligence product, CT Scout, will support the company’s new Stateful Compromise Indicator (SCI) technology. SCIs are part of a new layer of automated analysis that classifies attacker behavior, delivering immediately actionable intelligence in next-generation honeynet applications and reducing overhead in advanced threat analysis applications.
For years, honeypots have demonstrated their value in detecting zero-day and other undetectable attacks, particularly in the government sector. Though effective, traditional honeypots are difficult to set up and equally challenging to manage. Further, these systems require highly skilled operators to analyze the large volumes of data they generate. CounterTack’s integrated solution represents a significant shift in this model, with CT Scout offering the world’s first enterprise-ready platform for next-generation honeynet deployments. With the addition of SCI support, CT Scout customers can further automate detection and remediation actions, and deploy honeynets more widely without expanding the need for highly skilled security analysts.
“CounterTack is revolutionizing the honeypot market by applying automation to the detection of advanced threats and making honeynet capabilities accessible to more organizations,” said Neal Creighton, CEO, CounterTack.” The integration of our SCIs with CT Scout demonstrates CounterTack’s commitment to helping enterprise customers save time and money, while doing battle with today’s increasingly sophisticated cyber threats.”
SCIs, originally developed for the CT Sentinel cyber defense product, enable rapid detection of advanced threats. With the addition of SCIs, first-line security operations center personnel can handle more alerts directly without escalating to threat analysis teams, thereby enabling much wider deployment of honeynet solutions. SCIs also improve the efficiency of threat analysis teams by enabling them to quickly filter out known threats and focus on new threats as they are detected.
Posted on Mon, Apr 01, 2013
Are there ways to catch sophisticated malware that hides in trusted processes and services? Deb Radcliff finds out.
Despite their investments in endpoint security systems, organizations are waking up to the ugly truth that they are nearly blind when it comes to advanced attacks and malware lurking in their networks.
...
And, applying intelligence to data analysis is critical in a world where attackers are outsmarting layers of security, says Sean Bodmer, chief researcher of CounterTack, a Waltham, Mass.-based security intelligence firm.
“If you can't look at the data from the right perspective at the right moment, then what you're left with is a bunch of detection information going into a SIEM bullpen for someone to go search it,” Bodmer says. “That is the detection gap right there.”
Read more >
