    CrowdStrike wants to help make sure you’re not the next Sony

    By Tony Bradley on February 4, 2015 | Business, Cyber Espionage, Data Breach, Data Protection, Malware, Security, Threat Intelligence

    Most cyber attacks against a corporation aren’t conducted by a nation-state. Most cyber attacks against a corporation don’t seek to literally destroy data and PCs. The recent attack against Sony was not most attacks.

    I had a chance to talk with Dmitri Alperovitch, CTO and co-founder of CrowdStrike, about what CrowdStrike has learned about the attack against Sony, and what advice he has for other companies to help them do a better job of defending against an attack like Sony faced:

    While cyber attacks by nation-state adversaries have been taking place for years, in 2014 it became abundantly clear that every company—no matter the industry—is a potential target. The Sony breach was a wake-up call for all organizations: if you have valuable information, you are a target.

    CrowdStrike is part of a new wave of cybersecurity companies that view security from a different perspective. Traditional security models focus on guarding the “perimeter” in an “us vs. them” strategy, and on deploying anti-malware tools intended to identify and block specific attacks that are already known. CrowdStrike flips it around. CrowdStrike’s tagline is “You don’t have a malware problem, you have an adversary problem.”

    CrowdStrike’s intelligence team had been tracking the adversaries who had infiltrated Sony for years and was able to analyze the wiper malware used in the Sony breach and tie it back to previous destructive attacks conducted against South Korea going back to 2009. I had a chance to chat with Dmitri Alperovitch, co-founder and CTO of CrowdStrike, about what they discovered.

    I put our conversation together in the form of a Q&A. I’m TB (Tony Bradley), and Dmitri is DA (Dmitri Alperovitch):

    TB: Could the attack on Sony have been prevented?

    DA: Once a network has been breached, the adversary often spends weeks or months studying, exploring, and stealing useful data (including administrator credentials) in order to provide them with a comprehensive understanding of the network and ability to move around freely and stealthily. In the recent Sony hack, the adversaries embedded their custom malware with a hard-coded list of machines as well as credentials for administrators in the environment, which implies that there was a significant reconnaissance period before the initiation of the actual destructive attack itself. To combat a sophisticated adversary you must have the right security tools to detect reconnaissance behaviors such as credential theft and lateral movement, giving you ample time to spot the attacker long before they can steal your data or wreak havoc on your network.

    TB: What can be done beyond the reconnaissance stage of an attack?

    DA: In the case of Sony, once the adversary succeeded in stealing administrative credentials, it became increasingly difficult to prevent the attack since at that point they could adopt the identity of any insider—and an administrator at that—and do the type of things that administrators typically do when they manage their network. If you don’t have the right types of detection tools on your network, sophisticated adversaries can within hours achieve their objective of obtaining the highest level of access on your network and proceed to implant themselves in it for the long haul.

    Read the full story, along with a link to view a live demonstration using the wiper malware that was employed at Sony, on CSOOnline: CrowdStrike demonstrates how attackers wiped the data from machines at Sony.
