WHITEPAPER. Recall Cyber Intelligence

Transcription

1 WHITEPAPER Recall Cyber Intelligence

2 Table of Contents isolv Technologies Solves Employee Insider Threats 3 Case Study 3 The Threat 3 The Challenges 4 isolv s Solution: Recall Cyber Intelligence 4 The Benefits of Recall Cyber Intelligence 4 Potential Use Cases 5 isolv Technologies (Pty) Ltd 6

3 ISOLV TECHNOLOGIES: CYBER INTELLIGENCE isolv Technologies Solves Employee Insider Threats The cyber security landscape has changed. Hacking, web-flooding and technology-focused attacks are now being directed from both inside and outside organisations, creating a playground for criminals and employees alike. Attack vectors have become increasingly complex, thereby rendering systems easy targets. Organisations and businesses are therefore driven to proactively fend off ever-present cyber-attacks, and are investing heavily in strategies to overcome insider and outsider cyber threats. These threats include cybercriminals hacking critical infrastructure, as well as disgruntled employees releasing sensitive information, taking intellectual property to competitors, engaging in online fraud, or colluding with crime syndicates by copying sensitive company information, or accessing network restricted areas and restricted files on files shares. High profile organisations are becoming increasingly visible targets for cyber-attacks. The US Government had information leaked to various press offices by Edward Snowden on what he called illegal government behaviour. Additionally, the Google offices in China and companies like Juniper Networks, Adobe and Yahoo were all part of targeted cyber-attacks from China. In response to the increasing threat of insider cyber-attacks, isolv has developed the Recall Cyber Intelligence solution. It offers unprecedented evidence collection and covert monitoring capabilities, designed to enable businesses and organisations to act against insider cyber-attackers. Case Study The Threat The CFO of a major insurance company admitted that internal fraud and external network attacks had played a major role in the losses incurred by the company. After having a more detailed understanding of the environment, he and his team discovered the following: Employees were being recruited by crime syndicates Customer data was being stolen and/or sold Syndicates were linked to identity theft using stolen customer data Call centre agents were most susceptible to working with the syndicates Information was being leaked from multiple points

4 Corporate IP/trade secrets were being stolen Non-compliance issues were being raised as a result of customers confidential details being divulged The Challenges In his efforts to investigate, the CFO found that it was very difficult to gain forensic data from the suspected employees computers without them knowing that they were being monitored. He noted that: Sophisticated methods were being used by employees to leak information via removable media such as USBs, hard drives etc. File names were being altered to suit the employee, making them nearly impossible to track Insufficient evidence could be found to link employees to the actions This meant that the risks could not be captured, analysed or acted on, as there was insufficient forensic support data coming from their existing systems. Despite their best efforts, they remained completely exposed to on-going insider threats. isolv s Solution: Recall Cyber Intelligence isolv Technologies proposed its Recall Cyber Intelligence solution to the company, which allowed for the following: Real-time collection of critical forensic evidence for data leakage at the point of the crime Undercover deployment of monitoring agents and non-intrusive monitoring of user activity Security alerts generated from attempted breaches Monitoring of USB activity, screen shots, key logs, user printer activity and, if required, voice and camera feeds to match the user to the activity Key application monitoring for file and name changes Monitoring of user internet activity, including viewable browser history The Benefits of Recall Cyber Intelligence Recall Cyber Intelligence puts an organisation in control by giving it capabilities that allow it to track exactly what trends are transpiring, and where computer-related crimes are taking place.

5 The capabilities gained by using Recall Cyber Intelligence include: Real-time, silent evidence-collection directly from the point of the crime Monitoring and actioning based the profiles of suspected employees Identification of data movement from servers and file shares Identification of employees involved in internal crimes Full compliancy due to security measures put in place because of monitored user activity Potential Use Cases The Recall Cyber Intelligence solution is ideally suited to customers wanting to gain intelligence on their internal environment. Customers that would most benefit from this solution include: Government Departments Military and Defence Financial Institutes Insurance Agencies Medical Industry Attorneys at Law Mining Sector Chemical/Petroleum Sector

6 isolv Technologies (Pty) Ltd T: P.O. Box st Floor, Block A, Rosebank Office Park F: Saxonwold 181 Jan Smuts Avenue E: sales@isolvtech.com 2132 Johannesburg Republic of South Africa Republic of South Africa Recall Cyber Intelligence is a registered trademark of isolv Technologies (Pty) Ltd. All other registered names and trademarks are the property of their respective owners 2013, isolv Technologies (Pty) Ltd. All rights reserved. This document must not be copied or changed, in part or its entirety, without express written consent from isolv Technologies (Pty) Ltd.