"In Advanced Persistent Threat (APT)/Targeted attacks, hackers create custom attacks and infrastructure to target one or a handful of organizations," said Jon Ramsey, Dell SecureWorks Chief Technology Officer. "However, even with APT attacks, the attackers do use common tactics such as spear phishing and other social engineering ploys. With our Targeted Threat Intelligence services, we are looking to provide insight into the specific attacks, infrastructure and tactics, as it relates to the organizations being targeted."
The services include three offerings: Targeted Threat Surveillance, Enterprise Brand Surveillance and Executive Threat Surveillance and complement Dell SecureWorks' current Global Threat Intelligence offering.
The "Targeted Threat Surveillance" service combines the research expertise of Dell SecureWorks' renowned Counter Threat Unit (CTU) research team, its unique global security threat visibility, and a state-of-the-art Threat Intelligence link analysis platform. Using network and host identifiers from an organization, such as key IP addresses and domain names, the CTU research team can proactively monitor Dell SecureWorks' high-value proprietary, private and public information sources to identify threat indicators related to an organization's infrastructure. Because organized cybercriminals and Advanced Persistent Threat (APT) actors operate in a stealthy manner, the key way of tracking them is through the digital traces they leave behind.
When an initial correlation is found between a customer's infrastructure and these digital traces, the CTU research team then uses a combination of their world-class expertise, advanced threat intelligence analytics and an analysis of their broad threat telemetry to identify and assess related indicators and provide further link analysis and context in order to assess the true threat the indicator may represent. As a result, customers are provided with actionable threat intelligence. For example, the CTU research team can identify relationships between specific malware samples and an organization's infrastructure and provide security intelligence about the malware's operational capability, relationships to attack infrastructure known to be used by the malware, targeting telemetry, and threat indicators which can be used to detect, protect and respond.
By proactively analyzing an organization's network and host identifiers against Dell SecureWorks' continuous streams of threat data, the CTU research team's goal is to provide well-researched, relevant and actionable threat intelligence to help organizations improve identifying and understanding the real-world threats to their critical assets so as to improve protection and response.
The Security Risk and Consulting (SRC) team of Dell SecureWorks is launching the new "Enterprise Brand Surveillance" and "Executive Threat Surveillance" services. These services are designed to identify targeted cyber threats from hacktivists, cybercriminals or disgruntled individuals who may be preparing to attack an organization or its executives. The services provide real-time monitoring and utilize many human intelligence sources, looking for conversations, postings of stolen company credentials, intellectual property and other indications that an organization's brand or its executives are the target of a cyber attack. The security and risk consultants will also scour the Internet looking for public information related to a company's organization that may seem innocent but could be used by hackers to compromise a company's security, brand reputation or executives. This includes information found in public files, on social media sites, in RFP responses, metadata and in job postings.
The Enterprise Brand Surveillance service provides real-time monitoring of information outlets to identify threat actors targeting an organization, so customers can quickly and effectively prepare countermeasures to protect their infrastructure, assets and business' brand reputation.
The Executive Threat Surveillance service is used to monitor and assess information security risks to executives and personnel. The service monitors, tracks and reports back on what's being said across the Internet about and by an organization's executives and personnel, including postings to social networking sites.
"Having more context into the cyber threats targeting your organization, as well as the indicators of these threats, enables your security team to implement customized and robust security controls and defenses, while helping prepare your incident response and forensic teams for any possible scenario, said Ramsey."
About Dell SecureWorks:
Dell Inc. (NASDAQ: DELL) listens to customers and delivers innovative technology and services that give them the power to do more. Recognized as an industry leader by top analysts, Dell SecureWorks provides world-class information security services to help organizations of all sizes protect their IT assets, comply with regulations and reduce security costs. For more information, visit www.dell.com/secureworks.