{"id":824,"date":"2020-05-07T11:58:53","date_gmt":"2020-05-07T09:58:53","guid":{"rendered":"https:\/\/lab52.io\/blog\/?p=824"},"modified":"2020-05-07T17:18:06","modified_gmt":"2020-05-07T15:18:06","slug":"how-lab52-free-service-can-protect-your-organization","status":"publish","type":"post","link":"https:\/\/lab52.io\/blog\/how-lab52-free-service-can-protect-your-organization\/","title":{"rendered":"How Lab52 free service can protect your organization"},"content":{"rendered":"\n<p>Advanced Persistent Threats (APT) represent a risk to organizations, but they cannot be dealt with using the same tools as generic malware. The main difference lies in the financial support they have (for example, governments or organized crime).<\/p>\n\n\n\n<p>Among the activities of APT groups, one could highlight both espionage that provides strategic and political advantage between different states with cyber-offensive capabilities, and the economic reward that they can obtain from the attacks.<\/p>\n\n\n\n<p>The study of APTs seeks to understand these groups: what their objectives are, what information they handle, their operations, their tactics and procedures\u2026 In short, the intelligence extracted from this study allows security teams to anticipate their campaigns.<\/p>\n\n\n\n<p>But how do you know if your company is a target of any of these groups?<\/p>\n\n\n\n<p>At Lab52, we have launched a web portal where you can model your company and cross-reference it against our database of attacks, updated in real time, to check which APT groups might have an interest in your company and to what degree.<\/p>\n\n\n\n<p>In this way, you can draw up an effective defence plan that answers the question \u201cWhere do I start?\u201d<\/p>\n\n\n\n<p>Let&#8217;s look at an example. <\/p>\n\n\n\n<p>Let&#8217;s assume that our organization is part of the government of Spain. 
<\/p>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"aligncenter\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"504\" src=\"https:\/\/lab52.io\/blog\/wp-content\/uploads\/2020\/05\/image-1024x504.png\" alt=\"\" class=\"wp-image-825\" srcset=\"https:\/\/lab52.io\/blog\/wp-content\/uploads\/2020\/05\/image-1024x504.png 1024w, https:\/\/lab52.io\/blog\/wp-content\/uploads\/2020\/05\/image-300x148.png 300w, https:\/\/lab52.io\/blog\/wp-content\/uploads\/2020\/05\/image-768x378.png 768w, https:\/\/lab52.io\/blog\/wp-content\/uploads\/2020\/05\/image.png 1400w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure><\/div>\n\n\n\n<p> By modeling our company, we would come up with a series of results which show that there are multiple APT groups that might be interested in attacking us.<\/p>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"aligncenter\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"565\" src=\"https:\/\/lab52.io\/blog\/wp-content\/uploads\/2020\/05\/image-1-1024x565.png\" alt=\"\" class=\"wp-image-826\" srcset=\"https:\/\/lab52.io\/blog\/wp-content\/uploads\/2020\/05\/image-1-1024x565.png 1024w, https:\/\/lab52.io\/blog\/wp-content\/uploads\/2020\/05\/image-1-300x165.png 300w, https:\/\/lab52.io\/blog\/wp-content\/uploads\/2020\/05\/image-1-768x424.png 768w, https:\/\/lab52.io\/blog\/wp-content\/uploads\/2020\/05\/image-1-400x222.png 400w, https:\/\/lab52.io\/blog\/wp-content\/uploads\/2020\/05\/image-1.png 1485w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure><\/div>\n\n\n\n<p>But, as we have said, we have to focus our defense strategy. 
This is where Lab52&#8217;s scoring system comes in.<\/p>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"aligncenter\"><img loading=\"lazy\" decoding=\"async\" width=\"94\" height=\"36\" src=\"https:\/\/lab52.io\/blog\/wp-content\/uploads\/2020\/05\/image-2.png\" alt=\"\" class=\"wp-image-827\"\/><\/figure><\/div>\n\n\n\n<p>There\nare four levels of criticality, taking into account the\ncharacteristics of your organization and\nthe information associated with the different groups. From\nthis, the following levels are obtained to assess the risk of your\norganization being a target for that APT group:<\/p>\n\n\n\n<p>\t&#8211;<strong>Red<\/strong>: there\nis a very high risk. They have previously targeted organizations\nin that sector and in that country.<\/p>\n\n\n\n<p>\t&#8211;<strong>Orange<\/strong>:\nthere is a high risk. They have previously attacked organizations\nin that sector or in that country.<\/p>\n\n\n\n<p>\t&#8211;<strong>Yellow<\/strong>:\nthere is a medium risk. They have carried out attacks against\ncountries with strong relations with that country, or against sectors with\nstrong links to the indicated sectors.<\/p>\n\n\n\n<p>\t&#8211;<strong>Green<\/strong>:\nthere is a moderate risk. They have carried out attacks against\ncountries with some relations with that country, or against sectors with\nsome links to the indicated sectors.<\/p>\n\n\n\n<p> In this way, it is possible to establish which are the main groups on which defence efforts should be focused, in addition to being able to download the indicators of compromise (IOCs) associated with that group. 
All this is free of charge.<\/p>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"aligncenter\"><img loading=\"lazy\" decoding=\"async\" width=\"544\" height=\"65\" src=\"https:\/\/lab52.io\/blog\/wp-content\/uploads\/2020\/05\/image-3.png\" alt=\"\" class=\"wp-image-828\" srcset=\"https:\/\/lab52.io\/blog\/wp-content\/uploads\/2020\/05\/image-3.png 544w, https:\/\/lab52.io\/blog\/wp-content\/uploads\/2020\/05\/image-3-300x36.png 300w\" sizes=\"(max-width: 544px) 100vw, 544px\" \/><\/figure><\/div>\n\n\n\n<p>\tHowever, it could\nbe argued that only large companies are targeted by the more\nsophisticated APT groups.<\/p>\n\n\n\n<p> Let us now assume that our company is located in Bulgaria and is engaged in the consulting sector.  <\/p>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"aligncenter\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"675\" src=\"https:\/\/lab52.io\/blog\/wp-content\/uploads\/2020\/05\/image-4-1024x675.png\" alt=\"\" class=\"wp-image-829\" srcset=\"https:\/\/lab52.io\/blog\/wp-content\/uploads\/2020\/05\/image-4-1024x675.png 1024w, https:\/\/lab52.io\/blog\/wp-content\/uploads\/2020\/05\/image-4-300x198.png 300w, https:\/\/lab52.io\/blog\/wp-content\/uploads\/2020\/05\/image-4-768x507.png 768w, https:\/\/lab52.io\/blog\/wp-content\/uploads\/2020\/05\/image-4.png 1037w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure><\/div>\n\n\n\n<p>In this case, the level of risk for APTs does not seem to be high.<\/p>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"aligncenter\"><img loading=\"lazy\" decoding=\"async\" width=\"1000\" height=\"267\" src=\"https:\/\/lab52.io\/blog\/wp-content\/uploads\/2020\/05\/image-5.png\" alt=\"\" class=\"wp-image-830\" srcset=\"https:\/\/lab52.io\/blog\/wp-content\/uploads\/2020\/05\/image-5.png 1000w, https:\/\/lab52.io\/blog\/wp-content\/uploads\/2020\/05\/image-5-300x80.png 300w, https:\/\/lab52.io\/blog\/wp-content\/uploads\/2020\/05\/image-5-768x205.png 768w\" 
sizes=\"(max-width: 1000px) 100vw, 1000px\" \/><\/figure><\/div>\n\n\n\n<p> However, let us now assume that the companies to which the consultancy services are provided are located in France and are engaged in the banking sector.<\/p>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"aligncenter\"><img loading=\"lazy\" decoding=\"async\" width=\"974\" height=\"687\" src=\"https:\/\/lab52.io\/blog\/wp-content\/uploads\/2020\/05\/image-6.png\" alt=\"\" class=\"wp-image-831\" srcset=\"https:\/\/lab52.io\/blog\/wp-content\/uploads\/2020\/05\/image-6.png 974w, https:\/\/lab52.io\/blog\/wp-content\/uploads\/2020\/05\/image-6-300x212.png 300w, https:\/\/lab52.io\/blog\/wp-content\/uploads\/2020\/05\/image-6-768x542.png 768w\" sizes=\"(max-width: 974px) 100vw, 974px\" \/><\/figure><\/div>\n\n\n\n<p>In this case, it can be seen how the risk of being attacked by a particular APT increases.<\/p>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"aligncenter\"><img loading=\"lazy\" decoding=\"async\" width=\"987\" height=\"316\" src=\"https:\/\/lab52.io\/blog\/wp-content\/uploads\/2020\/05\/image-7.png\" alt=\"\" class=\"wp-image-832\" srcset=\"https:\/\/lab52.io\/blog\/wp-content\/uploads\/2020\/05\/image-7.png 987w, https:\/\/lab52.io\/blog\/wp-content\/uploads\/2020\/05\/image-7-300x96.png 300w, https:\/\/lab52.io\/blog\/wp-content\/uploads\/2020\/05\/image-7-768x246.png 768w\" sizes=\"(max-width: 987px) 100vw, 987px\" \/><\/figure><\/div>\n\n\n\n<p>This is just one\nexample of many: companies that are involved in transport, but\ntransport military equipment; companies that are involved in\nsoftware, but are subcontracted by governments; academic companies,\nbut work with the aerospace sector.<\/p>\n\n\n\n<p>\tThey all share the\nsame idea: we may not initially consider that our company can be\ntargeted by an APT group, but who we work with greatly influences our\nvalue.<\/p>\n\n\n\n<p>\tMultiple incidents\noccur where a company has multiple security measures in place, 
but is\nnevertheless more &#8220;open&#8221; in communicating with one of its\nsuppliers, which can be an interesting backdoor for groups whose sole\nobjective is to gain access to the most confidential information.<\/p>\n\n\n\n<p>\tFinally, it is\nworth noting that the geopolitical context changes every\nday: you may not be a target today, but you will be tomorrow. \n<\/p>\n\n\n\n<p> To stay aware of new APT groups and their campaigns, we recommend subscribing to our feed, which will keep you updated on new IOCs that may compromise you, or new groups that may affect your company.<\/p>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"aligncenter\"><a href=\"https:\/\/lab52.io\/subscription?sectors=&amp;countries=&amp;sectors_related=&amp;countries_related=\"><figure><img loading=\"lazy\" decoding=\"async\" width=\"221\" height=\"115\" src=\"https:\/\/lab52.io\/blog\/wp-content\/uploads\/2020\/05\/image-8.png\" alt=\"\" class=\"wp-image-833\"><\/figure><\/a><\/figure><\/div>\n","protected":false},"excerpt":{"rendered":"<p>Advanced Persistent Threats (APT) represent a risk to organizations, but they cannot be dealt with using the same tools as generic malware. 
The main difference lies in the financial support they have (for example, governments or organized crime) Among the activities of the APT, one could highlight both espionage that provides strategic and political advantage [&hellip;]<\/p>\n","protected":false},"author":6,"featured_media":838,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_genesis_hide_title":false,"_genesis_hide_breadcrumbs":false,"_genesis_hide_singular_image":false,"_genesis_hide_footer_widgets":false,"_genesis_custom_body_class":"","_genesis_custom_post_class":"","_genesis_layout":"","footnotes":""},"categories":[1],"tags":[],"class_list":{"0":"post-824","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-uncategorised","8":"entry"},"featured_image_src":"https:\/\/lab52.io\/blog\/wp-content\/uploads\/2020\/05\/Selection_036.png","featured_image_src_square":"https:\/\/lab52.io\/blog\/wp-content\/uploads\/2020\/05\/Selection_036.png","author_info":{"display_name":"Dex","author_link":"https:\/\/lab52.io\/blog\/author\/dex\/"},"_links":{"self":[{"href":"https:\/\/lab52.io\/blog\/wp-json\/wp\/v2\/posts\/824"}],"collection":[{"href":"https:\/\/lab52.io\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lab52.io\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lab52.io\/blog\/wp-json\/wp\/v2\/users\/6"}],"replies":[{"embeddable":true,"href":"https:\/\/lab52.io\/blog\/wp-json\/wp\/v2\/comments?post=824"}],"version-history":[{"count":2,"href":"https:\/\/lab52.io\/blog\/wp-json\/wp\/v2\/posts\/824\/revisions"}],"predecessor-version":[{"id":837,"href":"https:\/\/lab52.io\/blog\/wp-json\/wp\/v2\/posts\/824\/revisions\/837"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/lab52.io\/blog\/wp-json\/wp\/v2\/media\/838"}],"wp:attachment":[{"href":"https:\/\/lab52.io\/blog\/wp-json\/wp\/v2\/media?parent=824"}],"wp:term":[{"taxonomy":"category","emb
eddable":true,"href":"https:\/\/lab52.io\/blog\/wp-json\/wp\/v2\/categories?post=824"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lab52.io\/blog\/wp-json\/wp\/v2\/tags?post=824"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}