New cyber crime intelligence service launched
- 17 April, 2010 03:48
A new service to identify enterprise vulnerabilities to cyber-crime attacks is being launched by RSA, the security division of EMC.
According to a statement, the new RSA CyberCrime Intelligence Service, offered as an outsourced, managed service, is designed to help organisations identify computers, information assets and identities compromised by Trojans and other online attacks. It will also help remediate them through security policy and control.
RSA said advanced forms of malware, such as the Zeus Trojan, can silently capture a wide variety of data and credentials contained on enterprise computers and laptops, including proprietary information such as legal documents, healthcare records and corporate secrets.
The security firm warned that many organisations are not aware of the impact of malware within their systems that pose a significant threat to their information and bottom line.
88 per cent infection
They said recent research, by the RSA Anti-Fraud Command Center, reveals widespread compromise within networks belonging to Fortune 500 companies. Within this group of some of the world's largest corporations, RSA identified that 88 per cent (441 in total) had systems accessed by infected machines and 60 per cent of the firms (299 in total) had experienced stolen e-mail account information.
Uri Rivner, head of new cyber crime technology at RSA said: "We are seeing a celestial alignment within the world of online fraud which means that a much broader segment of corporate Internet users are being targeted by criminals who are looking to steal more than just credit card numbers and consumer identities.
"Advanced, stealthy Trojans like Zeus are detected less than 46 per cent of the time and are readily available to online criminals who are interested in stealing information for illegal gain," Rivner said. "Moreover, we estimate that the wildfire infection of these Trojans has expanded 10 times between 2008 and 2009."
Sally Hudson, research director for security products at IDC, said too many enterprise IT professionals accept 'good enough security'.
"They install tools to detect malware, enforce security policy, and monitor user behaviour," Hudson said. "However sophisticated, targetable malware technology makes it difficult for security controls to defend the enterprise from organised criminal threats.
Real knowledge and awareness needed
"To maintain the edge in protection, enterprises must have real-time knowledge and awareness of the current malware and threats that may be attacking computers in their extended enterprise. Armed with a better understanding of the threats to the enterprise, IT professionals can concentrate on providing effective security solutions and controls that will mitigate threats, ultimately reducing fraud, data loss, and intrusions."
The RSA CyberCrime Intelligence Service is designed to identify a subscribing organisation's compromised computers and user credentials including those that are leveraged via remote access. It is engineered to provide information security professionals with actionable knowledge and information necessary to adjust policies and controls to prevent the loss of data to malware and careless employee activities.
RSA said security managers can use the information and analysis provided by the service to react to and remediate potential data exposures, employee identity theft, as well as infected corporate resources. The new service is based on the RSA FraudAction service and leverages 24x7 monitoring and detection, alerts and reporting provided by RSA's team of experienced fraud analysts.