Intrusic Explores Covert Techniques Used to Conduct Corporate Espionage.
Intrusic, the first and only security software company to specifically target the Insider Threat, today announced the fourth part of its "Inside the Insider Threat" educational initiative that explores information interception. Malicious hackers use these covert techniques for obtaining and utilizing corporate information necessary to carry out reconnaissance activities within internal corporate networks. When employees are on the inside of a network, they feel safer transmitting critical and proprietary information and are more likely to exchange valuable information. Interception of these communications on an internal network represents a large financial and operational risk.
The Insider Threat is anyone--from hackers to rogue employees--who compromise an organization's internal infrastructure and then set up shop undetected in the data center where they are free to steal, disrupt or damage mission critical business operations, valuable intellectual property, sensitive documents and personal or corporate information.
Information interception is a covert technique malicious hackers employ as a mechanism to conduct reconnaissance throughout the internal networks of organizations or enterprises around the world. This method allows the intruder to intercept arbitrary information ranging from access credentials to sensitive company materials while remaining undetected by traditional network security. Intercepting information is a good way to obtain access credentials and view information that is thought to be private. A few examples of the information at risk are voice conversations over IP, bank transactions, SSL communications, and email traffic.
"After the network has been entered, a malicious hacker or rogue employee will creep silently throughout the data center with the intent to control the systems they are interested in - this way they can get their hands on the information they desire," said Jonathan Bingham, president of Intrusic. "Employing techniques to intercept information allows them to rapidly seize control of other systems while staying undercover. The implication of having a third party involved in a two party communication can be severely damaging to a company. A good example of this is link layer manipulation."
Link layer manipulation describes the general manipulation of routing infrastructures to promiscuously monitor activity on a switched network. Link layer manipulation is an umbrella term for several specific attacks, such as Address Resolution Protocol (ARP) Cache Poisoning, and Media Access Control (MAC) Flooding. These techniques are designed to intercept packet data destined for another system.
Guarding Against Information Hijacking
Information interception is extremely difficult to identify. Experienced network administrators can perform sophisticated manual actions to detect certain isolated occurrences of malicious hackers using the method, but the processes take a long time and results are sporadic. Zephon tracks information interception across the entire network, arming security professionals with the information necessary to remove the insider.
Zephon copies traffic from the internal network and then deploys sophisticated, corollary analysis to determine if host systems have been compromised. The result of the analysis is a complete, easy to understand assessment of the nature, scope and extent of a compromise providing companies with all of the tools necessary to prevent the damage before it is done. Zephon is the only product capable of detecting the dangerous action of "sleeper cells" which employ techniques such as stateless attacks - commonly regarded as the stealthiest way in and out of an organization's network.
Zephon is commercially available now. Pricing is set on a per-server licensing fee. For more information, contact Intrusic at firstname.lastname@example.org.
Intrusic, Inc., based in Waltham, Mass., was founded by a group of security experts in 2002 to create a solution to one of the most insidious threats to global networks, the "Insider Threat." The real danger to enterprises, organizations and governments goes beyond perimeter attacks, but to unauthorized intruders already inside networks engaging in "noiseless action," the execution of internal espionage. Intrusic's world-class executive team has developed Zephon, a ground-breaking solution to identify compromised networks and map the full extent of the breach by providing full forensics. For more information visit us at www.intrusic.com. To stay informed with the latest from Intrusic, and to receive our newsletter, contact email@example.com.
|Printer friendly Cite/link Email Feedback|
|Date:||Jul 19, 2004|
|Previous Article:||Symyx Technologies and BP Extend Research and Development Collaboration.|
|Next Article:||TuVox Taps Joseph McCarthy for Vice President of Finance.|