The United States has not been hit by a paralyzing cyberattack on critical infrastructure like the one that sidelined Ukraine in 2015. That attack disabled Ukraine's power grid, leaving more than 700,000 people in the dark.
But the enterprise IT networks inside energy and utilities networks have been infiltrated for years. Based on an analysis by the U.S. Department of Homeland Security (DHS) and FBI, these networks have been compromised since at least March 2016 by nation-state actors who perform reconnaissance activities looking industrial control system (ICS) designs and blueprints to steal.
Read More »
Topics:
attacker behavior,
cybersecurity,
Threat Detection,
AI,
critical infrastructure,
IT,
cyberattackers
2018 Black Hat survey: It’s about time and talent
We love Black Hat. It’s the best place to learn what information security practitioners really care about and what is the truth of our industry. Because we want to always be relevant to customers, we figured Black Hat is an ideal event to ask what matters.
Read More »
Topics:
attacker behavior,
cybersecurity,
Threat Detection,
AI,
SOC
If you’re joining me for the first time, I want to introduce myself. I am Cognito, the AI cybersecurity platform from Vectra. My passion is hunting-down cyberattackers – whether they’re hiding in data centers and cloud workloads or user and IoT devices.
Cybersecurity analysts are overwhelmed with security events that need to be triaged, analyzed, correlated and prioritized. If you’re an analyst, you probably have some incredible skills but are being held back by tedious, manual work.
Read More »
Topics:
AI,
cybersecurity,
Cyberattacks,
Threat Detection,
Data Center,
cloud,
network security,
IoT,
Malware Attacks
While ransomware attacks like NotPetya and WannaCry were making headlines (and money) in 2017, cryptocurrency mining was quietly gaining strength as the heir apparent when it comes to opportunistic behaviors for monetary gain.
Read More »
Topics:
cryptojacking,
cryptocurrency,
bitcoin,
Cyberattacks,
cybersecurity
In my last blog, I spoke about a financial customer performing pen testing and how I helped the blue team detect the red team as it carried-out an attack. I’m back again today with another story from the trenches.
This time, I’ve been working with a customer in the manufacturing sector who recently deployed me. As before, this customer prefers to remain anonymous to keep cybercriminals in the dark about their newly developed security capabilities. To stay on top of their game, they routinely run red team exercises.
Read More »
Topics:
AI,
cybersecurity,
Cyberattacks,
Threat Detection,
Data Center,
red team,
blue team,
cloud,
network security,
IoT,
attacker behavior
Vectra® was recently positioned as the sole Visionary in the Gartner 2018 Magic Quadrant for Intrusion Detection and Prevention Systems (IDPS). I’m pretty ecstatic about that.
Over the years, intrusion detection systems (IDS) have converged with intrusion prevention systems (IPS) and the two are now known collectively as IDPS. This convergence occurred as the security industry focused more on preventing external threat actors.
Read More »
Topics:
network traffic,
cybersecurity,
IDPS,
Intrusion detection prevention systems,
gartner,
AI,
security operations centers
Traffic sent to and from major internet sites was briefly rerouted to an ISP in Russia by an unknown party. The likely precursor of an attack, researchers describe the Dec. 13 event as suspicious and intentional.
According to BGPMON, which detected the event, starting at 04:43 (UTC) 80 prefixes normally announced by several organizations were detected in the global BGP routing tables with an Origin AS of 39523 (DV-LINK-AS), out of Russia.
Read More »
Topics:
russia,
HTTPS,
network traffic,
internet traffic,
cybersecurity,
espionage,
Encryption,
BGP,
ssl,
tls,
BGP hijack
The United States has not been the victim of a paralyzing cyber-attack on critical infrastructure like the one that occurred in the Ukraine in 2015. That attack disabled the Ukrainian power grid, leaving more than 700,000 people helpless.
But the United States has had its share of smaller attacks against critical infrastructure. Most of these attacks targeted industrial control systems (ICS) and the engineering personnel who have privileged access.
Read More »
Topics:
cybersecurity,
Cyberattacks,
industrial control systems,
critical infrastructure,
IoT
Hey everyone. For my first blog, I want to share a story about my role on the blue team during a recent red team exercise.
But first, I want to introduce myself to those of you who might not know me. I am Cognito, the artificial intelligence in the Vectra cybersecurity platform. My passion in life is hunting-down cyber attackers – whether they’re hiding in data centers and cloud workloads or user and IoT devices.
Read More »
Topics:
AI,
cybersecurity,
Cyberattacks,
Threat Detection,
Data Center,
red team,
blue team,
cloud,
network security,
IoT
Over lunch last week, a customer who recently deploy our Cognito™ platform told me that his SIEM sales person said “We can do what Vectra does with our analytics package. I simply looked at him and said, “No body, no murder – no they can’t.”
He was puzzled, so I explained.
Read More »
Topics:
Cyberattacks,
network security,
cybersecurity,
siems,
logs,
security analyst
