A new year means new improvements for CounterCraft. Version 2.8 is here, and it is set to make important strides forward for cyber threat intelligence. CounterCraft continues to be on the cutting edge of the cybersecurity sector, thanks to our expertly crafted technology. We take deception seriously. We are still the only platform to use buffer zones for assets in the cloud and in network, offering flexible capabilities that are attack-technique agnostic.
2020 was a revolutionary year. Everything changed. The global pandemic brought the world to its knees, exposing sociopolitical, economic, racial and digital weaknesses. The pandemic, and the effects it has had on our daily lives, has changed the panorama, opening us up to new threats and exacerbating old ones. Alongside global health and climate change, cybersecurity is one of this century’s greatest threats to the world economy.[1] Here at CounterCraft, we keep our eyes on more than just the headline-making incidents of ransomware and high-profile phishing attacks.
The future is in the cloud. This means threat actors have access to data and crown jewels via external and cloud services. In fact, attacks on cloud services users reached nearly 7.5 million in the second quarter of 2020. This widespread problem presents a challenge to security teams, as activity is taking place outside of their own network, and generic threat intelligence feeds provide no useful information. CounterCraft is the only threat intelligence tech company that allows pre-breach activity detection.
The end of the year brings a wealth of big cybersecurity news. Our internal chat blew up with the latest breach revelations, but we also had a couple good on- and off-topic laughs—because isn’t that the secret to surviving 2020? The Solar Winds breach The Solar Winds breach is front page news these days, and not just in the cyber world. Mainstream media has picked up this gigantic hack, the scope of which is nearly unprecedented.
Cybersecurity continues to be a major concern for nation states, with an ever-increasing urgency thanks to recently discovered attacks. From the Solar Winds hack (a “historic mess”) that infiltrated the U.S. government to the European Medicines Agency hack that accessed documents on the Pfizer/BioNTech vaccine, both the number of nation-state attacks and stakes of the information being stolen are on the rise. Countries are amping up their defenses against these threat actors, and many of the world’s top powers are turning to deception technology.
Over 90% of cyber attacks begin with spear phishing. This widespread problem is a difficult one to mitigate, because spear phishing doesn’t rely on an easily detected spam campaign. Instead, spear phishing campaigns are highly targeted, meaning that no matter what security may be in place, there is always the possibility that someone, somewhere will click on a link that will result in your corporate network being compromised. CounterCraft’s deception campaigns have proven effective in deflecting the spear phishing attack into a buffer zone to collect real-time threat intel on attackers.
This year, CounterCraft celebrates its 5th birthday. In honor of the milestone, our CSO Dan Brett looks back at the most exciting moments so far on the CounterCraft journey. Almost exactly five years ago, David Barroso, Fernando Braquehais and I launched CounterCraft. We spent nearly all of 2015 analyzing its viability, the potential for the technology, and generally wavering on whether to quit our day jobs and go all in. We all lived in different areas of Spain, so we chose a point equidistant from everyone to meet up for a weekend and decide what to do.
Every 11 seconds, ransomware attacks a business, network, organization or person1 . In the United States alone, attacks have nearly doubled in 2020. This problem is on everyone’s mind, as is the question of how to prevent ransomware. Attack trends in ransomware are constantly evolving. While financial institutions have always been a favorite target, threat actors are increasingly going after educational institutions and the healthcare sector. The techniques and practices used are widening, and the ransomware itself is less noisy and smarter than ever.
This has been an interesting year for cybersecurity news, and November is no different. Read on to find out the articles our team has been sharing and talking about at the (Zoom) water cooler. The Expedia/Booking.com breach Millions of Expedia and Booking.com customers’ data has been exposed. Prestige Software, a company responsible for a hotel reservation system used by booking.com and Expedia, was storing extremely sensitive data from as far back as 2013 on a misconfigured Amazon Web Services (AWS) S3 bucket.
You’re a nation-state threat actor trying to break into a NATO network.You get in, but what you don’t know is that you are being observed, and your every step is being manipulated by deception technology. We are proud to announce CounterCraft worked hand-in-hand over the last six months with NATO to design and execute a defense experiment that mimicked this very scenario. Various red teams infiltrated the network and fell for our deception tactics, revealing valuable threat intelligence on what would be, in the real world, very dangerous adversaries.
Page 1 of 10
