8/15/2016
05:00 PM
Dark Reading
Products and Releases

CrowdStrike Expands eCrime Offerings for Organizations to Combat Rampant Financially Motivated Cyber Attacks

New Tiered Packages Provide Customers with Enhanced Threat Intelligence Reporting

Irvine, CA – August 2, 2016 – CrowdStrike, the leader in cloud-delivered next-generation endpoint protection, threat intelligence and response services, today announced the launch of an expanded set of eCrime offerings to support broader, premium subscription options for Falcon Intelligence customers. The new tiered packages will be available to customers in September.

The tiered packages will allow customers to choose the option that best meets their needs, gain new capabilities and insights into the entire eCrime adversary ecosystem, and orchestrate detection and response options in a more effective manner. In addition, CrowdStrike has revealed a new methodology for tracking malicious eCrime actors. An example of this methodology is presented in a report CrowdStrike has released on the newly identified actor Boson Spider, which details the activities of the group, its ecosystem, and recent activity.

Between January and June of 2016 CrowdStrike Intelligence observed over a 600% increase in ransomware detections via the CrowdStrike Falcon™ Platform. This increase demonstrates the continuing rise of ransomware as an attack of choice for criminal actors. These threats impact enterprises ranging from small to Fortune 100-sized organizations. Dozens of new variants of ransomware emerged during that same time period, each seeking to implement novel features to evade traditional security tools. Defending against these threats requires intelligence and solutions which can operationalize that intelligence.

While ransomware is a critical threat, the distribution of banking trojans such as Dridex also represents a huge threat to organizations. Industries such as the financial and banking sector are facing a constant barrage of attacks that threaten their reputation, customer trust, and assets. With CrowdStrike’s eCrime threat intelligence offerings, customers can better understand the threats they are facing, reduce their spending on incident response, maintain regulatory compliance and drive down overall fraud rates for their business.

CrowdStrike customers with an eCrime subscription can now access automated and integrated eCrime threat intelligence to help combat these threats. They will receive comprehensive analyses of criminal malware, the Indicators of Compromise (IoCs) related to them, and the tactics, techniques, and procedures (TTPs) used by these adversaries. In addition, CrowdStrike offers APIs, feeds, and rules for easy integration with existing infrastructure.

Customers and partners can subscribe to the offerings through the following tiered packages:

  • Falcon Intelligence Standard provides access to IoCs and actor profiles
  • Falcon Intelligence Premium comes in three tiers:
    • Premium Targeted Intrusion: provides access to IoCs, actor profiles and Targeted Intrusion reports
    • Premium eCrime: provides access to IoCs, actor profiles and eCrime reports
    • Premium eCrime + Targeted Intrusion: provides access to IoCs, actor profiles and all eCrime and targeted intrusion reports

“CrowdStrike continues to launch new customized offerings that equip customers with the intelligence they need to not only effectively prevent, detect, and respond to threats on a daily basis, but also to establish more informed long-term security strategies,” said George Kurtz, CrowdStrike’s co-founder and chief executive officer. “The new eCrime packages support the needs of a growing segment of customers, encountering new threats in the face of rising eCrime threat actors. Providing new subscription tiers and integrated intelligence in the Falcon platform is another step we are taking towards making government-quality threat intelligence simple, effective, and most importantly, accessible for all customers.”

“We’ve seen compelling evidence of eCrime actors gaining a strong foothold across many industries and affecting organizations of all sizes and in virtually every vertical,” said Adam Meyers, vice president of Intelligence at CrowdStrike. “Building on previous security research and tracking, we now have expanded our eCrime resources to track its complex global ecosystem, allowing us to be the top source of intelligence on those actors, their tactics, techniques, and procedures.”

“Intelligence awareness continues to move across the security technology landscape in a way that is enriching every security product with greater threat telemetry and context and will be capable of providing us the automated and responsive architectures of the future. Organizations that are beginning to leverage threat intelligence feeds are also evolving their security programs to incorporate threat intelligence feeds and tools into their security operations and incident response teams and processes, primarily as an aid to investigations and incident triage,” according to Gartner’s report, entitled “Intelligent and Automated Security Controls Impact the Future of the Security Market.”

More information about CrowdStrike’s new eCrime offerings can be found at this blog.

This eCrime announcement is made in conjunction with CrowdStrike’s announcement of its Falcon Platform Summer release, details of which can be found here.

About CrowdStrike

CrowdStrike is the leader in next-generation endpoint protection, threat intelligence and response services. CrowdStrike’s core technology, the CrowdStrike Falcon™ platform, stops breaches by preventing and responding to all types of attacks – both malware and malware-free. CrowdStrike has revolutionized endpoint protection by being the first and only company to unify three crucial elements: next-generation AV, endpoint detection and response (EDR), and a 24/7 managed hunting service — all powered by intelligence and uniquely delivered via the cloud in a single integrated solution. Falcon uses the patent-pending CrowdStrike Threat Graph™ to analyze and correlate billions of events in real time, providing complete protection and five-second visibility across all endpoints. Many of the world’s largest organizations already put their trust in CrowdStrike, including three of the 10 largest global companies by revenue, five of the 10 largest financial institutions, three of the top 10 health care providers, and three of the top 10 energy companies. CrowdStrike Falcon is currently deployed in more than 176 countries.
