Products
- Products
  
  Platform
  ShadowPlex Advanced Threat Defense
  Deception for early detection of cyber threats with precision and speed
  
  ShadowPlex Identity Protection
  Visibility, management and protection of identity stores and attack paths
  Acalvio Active Defense Platform
  Comprehensive and Award-winning Distributed Deception Platform
  
  What is Active Defense?
  Active defense detects and diverts attacks.
  
  Why do I need Acalvio Active Defense?
  Active Defense deceives and disrupts attackers.
Solutions
- Technology Solutions
  
  Industry Solutions
  Early Threat Detection
  Detect cyber threats early in the attack lifecycle to prevent adversary breakout
  
  Identity Threat Detection & Response
  Detect identity threats with precision and protect the identity architecture
  
  OT Security
  Protect OT environments from cyber threats with an easy-to-deploy and non-intrusive solution
  
  Red Teaming
  Strengthen defenses to detect red team activities
  
  Threat Hunting
  Active threat hunting to confirm latent threats and gain visibility to attacker TTPs
  
  Ransomware
  AI-driven deception to protect against known and zero-day ransomware variants
  
  Honeytokens for CrowdStrike
  Enterprise-scale honeytokens to protect against current and evolving identity threats
  
  Active Directory Protection
  Visibility to AD attack surface and detection of AD attacks
  
  Zero Trust
  Advance Zero Trust maturity through improved cyber visibility
  
  Insider Threats
  Unmask hidden dangers. Cyber deception for high-fidelity insider threat detection
  Public Sector
  Targeted solution for protecting Federal agencies in conformation with NIST and CISA recommendations
  
  Financial Services
  Transform Financial Cybersecurity with Innovative Cyber Deception and Active Defense
  
  Healthcare
  Active defense solutions thwart healthcare attacks before they can inflict real damage.
Resources
Partners
Company

COVID-19: An Ounce of Prevention is Worth a Pound of Cure

by Team Acalvio | March 27, 2020

What to do to get in front of today’s Corona-related threats

Perhaps the hacker’s motto should be “Don’t Let a Good Crisis Go to Waste”. That seems like a good choice given the rash of campaigns scams now in the wild that leverage the Coronavirus. Fear and the desire for information create a fertile environment in which to use social engineering to mount a successful attack. The methods seen in the last few weeks include the following:

Fake COVID-19 Information websites that host malware
Brand hijacking and abuse
Brand hijacking and abuse

Risk Management and Prioritization

For enterprise IT Security professionals, the questions (as always) boil down to risk management and prioritization. What steps should (not “could”) be taken to mitigate the threat most effectively? The answer depends on what industry you are in. If you’re in healthcare and pharma, you must be very vigilant with respect to brand protection, and to specific attacks (usually email-borne) that take advantage of the information needs of your staff. Large research institution also fall into this category, as does state and local government.

On the other hand, a few other responses are basically no brainers for everyone:

Training: Now is a perfect time to give everyone a refresher on email and web policies and expectations of employees for avoiding attacks. If you’re not thrilled with the vendor you use, why not scan the market and see which alternatives have already updated their material to discuss Coronavirus?
E-mail Defenses: Phishing and spear-phishing using the COVID-19 content as the lure are rampant. Evaluate if your solution is effectively blocking them, and if your employees are doing their part to alert the IR/SOC team to scams that they find in their inbox.
Malware Detection: In an enterprise environment, the biggest risk is that a campaign that leverages the Coronavirus situation will plant malware designed to persist, and to execute later stages of the kill chain opportunistically. Detecting such malware is all the more important given these new insertion strategies based on the virus situation.
Obviously Deception solutions play a critical role as a malware detection strategy. The paradigm of “assume they will get in” has never been more relevant. Deception solutions such as Acalvio’s provide malware detection capability both on-prem and in the cloud, without agent software or in-line appliances. That means that if you decide you need to ramp up your malware defenses to get in front of these new attacks, you can scale up quickly and at very low risk to application availability. Another further advantage is that you don’t have make any changes in order to deal with the crisis at hand.

In Summary

In summary, “The more things change, the more they stay the same”. Keep those internal defenses vigilant and operationally efficient, freeing up time and resources to maintain flexible response.