… but beware of those who prey on this new business arrangement.
Since the onset of the COVID-19 pandemic, companies worldwide have had to cope with new business and personnel strategies. Companies of all sizes are adapting to the technical requirements of remote work and to new managerial and leadership hurdles. At FNA, we’re blessed that our remote-first culture has largely enabled us to “social distance and carry on,” with a focus on how COVID-19 is impacting the financial, defense, and intelligence industries and how we can help our clients and societies at large.
Cybersecurity and cyber intelligence concerns span all industries, and reports indicate that while companies wrestle with minimal and remote manning, cyber threat actors are moving to capitalize on this havoc. What advanced persistent threats (APTs) target your industry? What malware do they use, and where does this map to your infrastructure and to attack frameworks? In the wake of COVID-19, are cyber threat tactics, techniques, and procedures (TTPs) changing?
At FNA, we’ve partnered with another London-based technology company, Elemendar. Using Elemendar’s natural language processing (NLP) capability, which is focused on cyber threat intelligence (CTI), we can turn reported CTI data into structured, data-embedded knowledge graphs that are ready to be merged with your company’s existing data. These graphs enable top-down (show the network and filter for context) or bottom-up (query-based returns) graph development that can be tuned to alert you to changes in the reported TTPs that interest you the most.
Above. A FANCYBEAR/SOFACY APT knowledge graph that maps from the APT, to the malware it uses, to infrastructure vulnerabilities and the MITRE ATT&CK framework. It was developed from CrowdStrike’s open-source reporting about these APTs at a single point in time and transformed from unstructured to structured format via Elemendar’s CTI NLP. In FNA’s Platform, this data can be combined with internal company holdings and other threat reports, then visualized and analyzed using more than 300 graph and machine learning algorithms.
Additionally, FNA’s core capability allows you to further define, then passively monitor, the stream of threats normal to your system, identify trends toward threats or abnormality, and then analyze the generated alerts in a graph analytics platform enabled by network visualization and machine learning. In the new working environment, perhaps this approach to threat detection and analysis can not only introduce new methods and tools, but also act as a force multiplier while company workforces and business norms are in flux.
Below. A minute-by-minute time-series graph that shows a network of IP-to-IP address communications changing from normal operations to a distributed denial of service (DDoS) attack. FNA uses graph indicators and statistics that, in conjunction with a company’s internal data, can help predict, offset or deny, and respond to this and other types of cyber attacks. Interact with this graph and others for free at www.fnalab.com.
What APT and malware concerns do you see as the biggest threat during the COVID-19 pandemic? What APT would you like to see visualized in FNA? We invite you to reach out to us here or at email@example.com about the data impacting your industry that you’d like to see visualized. We’ll be happy to work on providing that to you, and we hope to open a dialogue about this threat to all of our businesses during this challenging time.