Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Email Security

RSA Launches New CyberCrime Intelligence Service

New Service to Help Organizations Identify Data and Systems Compromised by Malware and Online Attacks

New Service to Help Organizations Identify Data and Systems Compromised by Malware and Online Attacks

RSA, The Security Division of EMC (NYSE: EMC) announced a new service designed to help organizations identify computers, information assets and identities compromised by malware and other online attacks. 

The RSA CyberCrime Intelligence Service, available to customers worldwide on May 1st, will help IT professionals further understand and isolate possible points of exposure in their enterprise. 

Advanced forms of malware such as the Zeus Trojan can silently capture a wide variety of data and credentials contained on enterprise computers and laptops, including proprietary information such as legal documents, healthcare records and corporate secrets. However, many organizations are not aware of the impact of malware within their systems that pose a significant threat to their information and bottom line. RSA Anti Fraud Command Center

Recent research by RSA has shown that many organizations are not aware of the impact of malware within their systems and the significant threat to their information and bottom line. The RSA Anti-Fraud Command identified that 88 percent of a group of companies monitored (441 in total) had systems accessed by infected machines and 60% of these firms (299 in total) had experienced stolen email account information. 

“We are seeing a celestial alignment within the world of online fraud which means that a much broader segment of corporate Internet users are being targeted by criminals who are looking to steal more than just credit card numbers and consumer identities. Advanced, stealthy Trojans like Zeus that are detected less than 46% of the time* are readily available to online criminals who are interested in stealing information for illegal gain,” according to Uri Rivner, Head of New CyberCrime Technology at RSA, The Security Division of EMC. 

The results of a recent global survey conducted by Forrester Consulting on behalf of RSA and Microsoft, entitled “The Value of Corporate Secrets,” showed that enterprises are under-investing in the protection of trade secrets. The survey of 305 IT security decision-makers worldwide revealed that enterprises are investing heavily in compliance and protection against accidental leaks of custodial data (such as customer information), but under-investing in protection against theft of far more valuable trade secrets.

“Nearly 90% of enterprises we surveyed agreed that compliance with PCI-DSS, data privacy laws, data breach regulations, and existing data security policies is the primary driver of their data security programs. A significant percentage of enterprise budgets (39%) is devoted to compliance-related data security programs,” according to Forrester Consulting’s study. “But secrets comprise 62% of the overall information portfolio’s total value while compliance- related custodial data comprises just 38%, a much smaller proportion. This strongly suggests that investments are overweighed toward compliance.”

“Companies are spending money to protect customer, medical and payment card information, as they should, but more emphasis needs to be placed on protecting the intellectual property and data that has intrinsic value to an organization,” said Sam Curry, CTO, Marketing, RSA, The Security Division of EMC. “If IP is lost, it can cause long term competitive harm to an organization. The recent and highly-sophisticated intellectual property attacks targeting large multinational companies are examples of this type of loss.” 

Advertisement. Scroll to continue reading.

The RSA CyberCrime Intelligence Service platform is based on the RSA FraudAction service and leverages 24×7 monitoring and detection, alerts and reporting provided by RSA’s fraud analysts. The service is designed to identify a subscribing organization’s compromised computers and user credentials including those that are leveraged via remote access. It provides information security professionals with actionable knowledge and information to adjust policies and controls to prevent the loss of data to malware and careless employee activities. Security managers can use the information and analysis provided by the service to react to and remediate potential data exposures, employee identity theft, as well as infected corporate resources. 

*Source: Zeus Tracker

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...

Cloud Security

Cloud security researcher warns that stolen Microsoft signing key was more powerful and not limited to Outlook.com and Exchange Online.

Malware & Threats

The NSA and FBI warn that a Chinese state-sponsored APT called BlackTech is hacking into network edge devices and using firmware implants to silently...

Cybersecurity Funding

2022 Cybersecurity Year in Review: Top news headlines and trends that impacted the security ecosystem

Endpoint Security

Today, on January 10, 2023, Windows 7 Extended Security Updates (ESU) and Windows 8.1 have reached their end of support dates.