ACID Proactive Cyber Protection
ACID performs continuous monitoring of numerous sources and platforms to detect attacks as early as in their planning stage. Real-time, detailed alerts allow you to take action to thwart the attacks or mitigate their consequences.
“Cybercrime is the greatest threat to every company in the world”
IBM’s chairman, president & CEO, Ginni Rometty
Cybercriminals, and increasingly cyberterrorists, are constantly looking for new methods of attack and vulnerable points of entry into their chosen victims’ systems. In this cat-and-mouse game, they try to keep one step ahead of cybersecurity professionals, who in turn invest intensive effort in preempting attacks and preventing the adversaries from succeeding. These professionals face formidable challenges.
2020 was a record-breaking year in terms of the number of cyber attacks on companies, government, and individuals (Forbes), as well as in the number of data records breached – 36 billion in the first six months of the year alone (Varonis). A sizable share of this increase is attributed to the effects of the Covid-19 pandemic and the shift to a remote workforce, which has presented hackers with additional vulnerabilities to exploit. In April 2020 alone, half a million Zoom user accounts were compromised and sold on the Dark Web (CPO Magazine). Remote workers have caused a security breach in 20% of organizations (Malwarebytes).
According to the FBI, there has been a fourfold increase in cybersecurity complaints since the beginning of the pandemic, and the global losses from cybercrime in 2020 exceeded $1 trillion.
The number of reports of identity theft received by the US Federal Trade Commission in 2020 – 1.4 million – was double the number reported in 2019.
A further challenge is presented by the expected growth in the number of Internet connected devices, from 31 billion in 2020 to 35 billion in 2021 and 75 billion in 2025 (Security Today).
The sophistication of some cybercriminals is demonstrated in an August 2021 report by The Hacker News, which revealed that Microsoft had disclosed details of an evasive, year-long social engineering campaign in which the operators kept changing their obfuscation and encryption mechanisms every 37 days on average, including the use of Morse code, in an attempt to cover their tracks and surreptitiously harvest user credentials. The rising level of sophistication also results from the application of artificial intelligence, machine learning and 5G, and from the increased scope of tactical cooperation between hacker groups and state-backed organizations.
The SolarWinds attack, believed to have originated in March 2020 and detected only months later, is one such example. The attack is attributed by most experts to a group of hackers affiliated with the Russian government, and demonstrates the disastrous, far-reaching consequences of a successful software supply chain attack, for which most organizations are unprepared. According to the company’s own reports, SolarWinds customers include 425 of the US Fortune 500 companies, the top ten US telecommunications companies, the top five US accounting firms, all branches of the US military, the Pentagon, the State Department, and also hundreds of universities and colleges worldwide. The hackers gained access to many SolarWinds clients through a compromised update to the company’s Orion software. Those affected included US government agencies – the Treasury, the Department of Homeland Security, the National Nuclear Security Administration, parts of the Pentagon, the State Department and the Department of Energy – as well as large companies, including, among others, Intel, Microsoft and Cisco.
For you, the IT security professional, “know thy enemy” is imperative. You may be receiving updated information from a variety of sources about methods of attack preferred by hostile perpetrators, and the vulnerabilities they successfully exploit.
You, like your colleagues, are most likely scrambling to improve defense mechanisms and close gaps in order to avoid being included in the above statistics. You aim to avoid being a data-breached company that has lost customer confidence, and is at serious risk of losing a sizeable share of its business.
But even with the most updated information on cyber threats, the actions you take may be insufficiently effective, or too late.
This is where ACID comes in.
ACID provides you with real-time information about attacks targeting your organization, even as early as in their planning stage, to enable you to prepare an effective response, mitigate their consequences, and perhaps avoid them entirely.
ACID has developed a platform that monitors arenas that cybercriminals and cyberterrorists visit and operate in. It unleashes clusters of robots and implements advanced AI algorithms to detect the first hints of hostile activity. It then sends alerts in real-time to the intended targets, to enable them to take appropriate advance action. ACID continues round-the-clock monitoring to collect additional information as it becomes available, to allow implementing the most effective counter-measures, for as long as the threat remains.
The global cost of cybercrime is estimated to reach $10.5 trillion annually by 2025 (cybersecurityventures.com), yet a new IDG Research Services survey revealed that despite increased IT security investments in 2020, 78% of senior IT professionals and IT security leaders believe their organizations’ protection against cyber attacks is insufficient (as reported by Yahoo! Finance in 2021).
To be effective, cybersecurity must therefore rely heavily on automated, state-of-the-art technological solutions. On ACID.
By providing detailed alerts in real-time, ACID allows the targeted organization’s cyber professionals to dedicate their time and effort to taking the appropriate advance action to counter the threat, instead of spending valuable resources to deal with threats once they materialize and inflict damage.
By allowing organizations to prepare for and effectively deal with planned cyberattacks, ACID allows them to maintain business continuity, which not only benefits their revenues, but also protects their reputation and contributes to customer retention.
With ACID, the organization can make the most of its resources, investing them where they are most needed. Even more importantly, it can potentially eliminate or minimize the high financial cost resulting from a security breach – be it the payment of ransom or the cost of restoring normal operation. This is particularly critical at a time when 77% of surveyed organizations worldwide report that they do not have a cyber security incident response plan applied consistently across the enterprise (report commissioned by IBM).
Constant in-depth monitoring
ACID operates 24/7/365, monitoring the clear, deep and dark web for any hint of hostile activity targeting each of its clients. It constantly updates its technological tools to effectively deal with new and anticipated threats and attack methods.
ACID’s solutions are fully automated. Monitoring takes place 24/7/365 with no need for human intervention, and alerts are sent automatically as soon as a potential threat is detected. Full automation presents a dual advantage: client organizations can rest assured that they will receive information on threats without delay, and they can optimize their response based on new, updated information supplied to them by ACID as soon as it becomes available.
ACID, together with each client, tailors its services to produce optimal results and maximum benefit. Keywords can be easily added, changed or removed, as necessary – at any time.
Intelligence gathering for continuous upgrading
The ACID team gathers and analyzes information concerning new threats and methods of attack on an ongoing basis, with the aid of proprietary AI algorithms. We also investigate tutorials that are disseminated among cybercriminals and terrorists, discussions in dark web and deep web forums, and more. Constantly keeping abreast of new developments and analyzing new directions with the most advanced methods at our disposal allows us to keep at least one step ahead of the perpetrators, anticipate new threats and upgrade our detection capabilities.