Newly patented technology using machine learning ML-backed up technology will support businesses in fighting advanced threats, by discovering lateral movement in corporate networks – even through encrypted traffic
Mumbai, 3 December, 2017 (GPN) :In the last 12 months, enterprise businesses paid up to 1.2 million dollars for recovery from targeted attacks. But to fight off one of these attacks, a business needs multiple methods of defense. These include experienced security teams, global security intelligence and immense cybersecurity tools. An innovation from Kaspersky Lab is set to help businesses cope with this challenge – as part of its mission to arm businesses with the cutting-edge cybersecurity solutions they need, the leading cybersecurity company, has patented new technology that automates the detection of one of the most effective weapons in a cybercriminal’s arsenal – remote control tools.
Cybercriminals take remote control of victims’ computers in order to conduct malicious activities unnoticed, often reaching out to Command- and- Control servers through encrypted communication channels. Once installed on a user’s computer, remote control tools gain administrator access, giving cybercriminals the capacity to obtain confidential information about the user, and allowing them to perform any active on that user’s computer, including transmitting information about the results of their operations to computer network attackers. This is especially dangerous in corporate networks, where intellectual property can be unearthed and unlimited damage caused, if remote control goes undetected.
To efficiently detect remote control programs, antimalware solutions need to leverage complex behavioral protection systems. With its latest patent, Kaspersky Lab has expanded its abilities in this area, with new technology capable of detecting remote control applications, even if they run on encrypted channel.
The new technology works by analyzing application activity, and searching for anomalous behavior across a user’s computer. It picks up on any dependencies between activities occurring on the computer, and their causes. By comparing these dependencies with defined patterns of behavior, the technology can then make a decision about the registration of the remote attacker’s computer. It can then identify the remote control being used via unknown or even compromised safe applications or their components.
“The detection of remote control attacks in encrypted channels is crucial for targeted attacks protection as this is the early stages of the kill chain. Remote control tools distributed within the network and during the search for, and theft of, valuable data. That’s why it is important to be able to detect such behavior in a very beginning. This technology will allow security officers to prevent incidents where previous layers of protection have failed to work,” Artem Serebrov, Head of Research & Development of Anti Targeted Attack Platform at Kaspersky Lab, commented.
The newly patented technology will become the part of Kaspersky Anti Targeted Attack solution starting 2018. Kaspersky Anti Targeted Attack is part of the Kaspersky Lab enterprise security portfolio, which covers different areas of IT security such as endpoint protection, DDoS protection, cloud security, advanced threat defense and cybersecurity services. To learn more about our Next Generation enterprise portfolio, please visit our website ENDS.
About Kaspersky Lab
Kaspersky Lab is a global cybersecurity company celebrating its 20 year anniversary in 2017. Kaspersky Lab’s deep threat intelligence and security expertise is constantly transforming into next generation security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection and a number of specialized security solutions and services to fight sophisticated and evolving digital threats. Over 400 million users are protected by Kaspersky Lab technologies and we help 270,000 corporate clients protect what matters most to them. Learn more at www.kaspersky.com.