“There are only two kinds of companies in the world: those that know they’ve been hacked, and those that have been hacked and don’t yet know it.”
The above is a modern IT security adage. Gone are the days when the bad guys simply wrote viruses for fun and fame. Modern threat actors do some really nasty things for profit: from stealing money and intellectual property to identity theft and denial of service attacks, not to mention state-sponsored espionage (typically referred to as APT or “Advanced Persistent Threat”).
Modern malware delivery mechanisms, silent and deadly, rely heavily on the exploitation of vulnerabilities in various OS software, e.g. Internet Explorer, and popular applications, e.g. Microsoft Word, Firefox and Chrome, Adobe Reader or Flash, Java, etc. To maintain an adequate security posture it is critical to remain on top of such issues, to advise on the application of security updates that fix vulnerabilities, and to fully understand the scope of exploits and potential vulnerabilities. According to a recent survey, most companies believe that their network will be hacked in 2015. The data breach map shows the organizations affected by data breaches since 2006.
At K7 our motto is to protect people and corporate information systems from the bad guys. K7’s products and our K7 Threat Control Lab have always endeavoured to protect users from exploitation, but we would like to take our vulnerability response a few notches higher, an enhancement of the K7 armour. We recently set up a dedicated Vulnerability Research team to tackle the complex problems posed by modern threat actors.
The objective of this team is to protect K7 customers with respect to the security triangle: the pre, current and post security environment. These are elaborated upon briefly below:
- The pre: Protect customer information systems by conducting comprehensive security assessments – both for servers and applications. Tighten the security posture by performing security hardening.
- The current: Perform research on known 0-day exploits, hunt for new vulnerabilities and conduct in-depth research on Advanced Persistent Threats.
- The post: Conduct computer security forensics after a breach has been detected. Determine the What, Where, When, How and Who of the security investigation.
We would, of course, need to constantly evolve our capabilities in combating new threats. Expect more topics, content and blogs from this new team.
Image credit: http://krebsonsecurity.com
Samir Mody, Senior Manager, K7TCL
Senthil Velan, Manager, Vulnerability Research