New infosec products of the week: October 16, 2020

Cyborg Security launches HUNTR platform to help orgs tackle cyber threats

Cyborg Security’s HUNTR platform provides advanced and contextualized threat hunting and detection packages containing behaviorally based threat hunting content, threat emulation, and detailed runbooks, supplying organizations what they need to evolve their security analysts into skilled hunters.

infosec products October 2020

Cloudflare One: A cloud-based network-as-a-service solution for the remote workforce

As more businesses rely on the internet to operate, Cloudflare One protects and accelerates the performance of devices, applications, and entire networks to keep workforces secure. Now businesses can protect their workforce in a flexible and scalable way, without compromising security as distributed teams work from multiple devices and personal networks.

infosec products October 2020

Booz Allen Hamilton unveils SnapAttack, bringing together red and blue security teams

By unifying the security lifecycle into a single solution, SnapAttack enables red and blue teams to work together, emulating attacks from intelligence data, sharing insights of malicious behavior, and developing vendor-agnostic behavioral detection analytics to stop advanced adversaries.

infosec products October 2020

BAE Systems unveils cyber-threat detection and mitigation solution for U.S. military platforms

The Fox Shield suite is designed to help platforms detect, respond, and recover from cyber attacks in real time. The system’s cyber resilience capabilities can be integrated into ground, air, and space vehicles to protect our warfighters and platforms from cyber attacks designed to access and degrade mission capabilities.

infosec products October 2020

Shujinko AuditX: Simplifying, automating and modernizing audit preparation and compliance

AuditX automates evidence collection, maps evidence across multiple controls and across different standards, streamlines audit workflow and clarifies communication across teams and with auditors. AuditX organizes evidence in a centralized library for final readiness review and provides a 360-degree dashboard to make the entire process highly visible and predictable.

infosec products October 2020

Masergy extends the value of Masergy SD-WAN Secure to home and mobile users

Masergy’s Work From Anywhere solutions include SD-WAN Secure Home for executives and power users requiring unwavering reliability from their home office connections and SD-WAN On the Go for mobile users needing secure access to corporate and cloud applications.

infosec products October 2020

C2A Security launches AutoSec, an automotive cybersecurity lifecycle management platform

C2A Security announced the launch of its flagship cybersecurity product, AutoSec, a cybersecurity lifecycle management platform. AutoSec meets the rapidly-evolving challenges of vehicle cybersecurity with an open platform that empowers industry stakeholders to identify and mitigate cyber attacks.

infosec products October 2020

BAE Systems unveils cyber-threat detection and mitigation solution for U.S. military platforms

BAE Systems has unveiled a next-generation cyber-threat detection and mitigation solution for U.S. military platforms.

The Fox Shield suite is designed to help platforms detect, respond, and recover from cyber attacks in real time. The system’s cyber resilience capabilities can be integrated into ground, air, and space vehicles to protect our warfighters and platforms from cyber attacks designed to access and degrade mission capabilities.

“Cyber protection was not necessarily a mission-critical capability when some of these platforms were first developed. That’s why we designed the Fox Shield cyber resilience system to be easily integrated into new and legacy platforms,” said Michael Weber, technical manager for FAST Labs’ Cyber Technology group at BAE Systems.

“Security for our warfighters and their platforms is our mission, and this solution offers valuable protection in the cyber domain.”

The Fox Shield solution is the result of a multi-year effort from BAE Systems’ FAST Labs research and development team. It was developed with ongoing internal investment and builds upon baseline technology that has proven effective on other platforms as previously announced.

The mature detection capability – technical readiness level eight – enables real-time detection of cyber attacks, enabling the platform and users to respond and recover from their effects and ensuring mission continuity.

The detection capability can be implemented on existing platform computer systems or as a stand-alone solution that provides protection while limiting impacts to size, weight, and power constraints.

The Fox Shield cyber resilience suite builds on BAE Systems’ cyber technology portfolio. As part of this program, the company continues to invest in effective response and recovery techniques and has demonstrated proof-of-concept capabilities.

What happens to funds once they have been stolen in a cyberattack?

SWIFT and BAE Systems published a report that describes the complex web of money mules, front companies and cryptocurrencies that criminals use to siphon funds from the financial system after a cyber attack.

cyberattack stolen funds

The report highlights the ingenuity of money laundering tactics to obtain liquid financial assets and avoid any subsequent tracing of the funds. For instance, cybercriminals often recruit unsuspecting job seekers to serve as money mules that extract funds by placing legitimate sounding job advertisements, complete with references to the organization’s diversity and inclusion commitments.

Attackers using untraceable money laundering techniques

They use insiders at financial institutions to evade or undermine the scrutiny of compliance teams carrying out know-your-customer (KYC) and due diligence checks on new account openings. And they convert stolen funds into assets such as property and jewellery which are likely to hold their value and less likely to attract the attention of law enforcement.

Although there has been much research into the methods that cybercriminals use to conduct attacks, there has been less investigation into what happens to funds once they have been stolen.

Brett Lancaster, Head of the Customer Security Programme at SWIFT said: “The threat posed by cyber-attacks to the financial sector has never been greater. Attackers are well-resourced, constantly evolving their modus operandi and using untraceable money laundering techniques.

“The report highlights how the growth in cyber attacks is increasing the need for the convergence of anti-money laundering, fraud and cybersecurity processes in financial institutions. It calls for them to increase information sharing, tighten due diligence requirements and smartly invest in maintaining systems to strengthen their defences.”

Simon Viney, Cyber Security Financial Services Sector Lead at BAE Systems Applied Intelligence said: “The activity from cybercriminals and gangs across the world is estimated to result in over $1.5 trillion dollars in annual losses.

“This report focuses on money laundering related activities necessary for cyber attackers to conduct and ‘cash out’ a successful attack and avoid the money subsequently being traced.

“As technology and criminals’ techniques evolve at a rapid pace, so will the need for institutions, both private sector and law enforcement, to collaborate and maintain awareness of evolving money laundering techniques, in order to reduce the opportunities for threat groups to benefit from committing high-value cyber heists.”

Other findings

  • Front companies – Cybercriminals tend to focus on textile, garment, fishery and seafood businesses to obfuscate funds. They find it easier to operate in parts of East Asia where less stringent regulations make it easier to conduct their activities.
  • Cryptocurrencies – While the number of identified cases of money laundering through cryptocurrencies is low so far, there have been a couple of major incidents involving millions of dollars. Digital transactions are appealing because they are conducted in a peer-to-peer manner that circumvents the compliance and KYC checks conducted by banks, and often require only an e-mail address.
  • Experience – The method chosen by cybercriminals to cash out and spend the stolen funds is indicative of their levels of professionalism and experience. Some inexperienced criminals have immediately made extravagant purchases drawing the attention of law enforcement agencies and leading to arrests.

BAE Systems delivers anti-money laundering regulatory compliance solutions created on AWS

BAE Systems announced a new offering created on Amazon Web Services (AWS) to deliver complete anti-money laundering regulatory compliance solutions.

The solution is supported by the availability, reliability and security of AWS and offers banks and financial institutions the opportunity to quickly stand up an affordable integrated financial crime regulatory compliance solution.

Through this implementation, BAE Systems will provide customers with advisory services, as well as implementation, migration, and management of regulatory and compliance solutions on AWS. By building on AWS, BAE Systems Applied Intelligence offers a flexible commercial model with no upfront costs – minimising an organisation’s capital expenditure and maximising ROI.

Customers will connect quickly with standard regulatory compliance data interfaces, designed specifically for their industry and territory, significantly reducing the effort of internal IT teams with standard data interfaces and full service management.

Once deployed, service levels include hardware and software availability, security patches, support responsiveness, system upgrades, support and maintenance.

Last month, BAE Systems Applied Intelligence announced NetReveal 360°, a complete regulatory compliance solution, packaged to operationalise quickly. Out of the box, customers receive a specifically designed service for the organisation, which includes end-to-end solutions for Customer Due Diligence (CDD), Anti Money Laundering (AML), and Watchlist Management (WLM).

Provisioning, management, and support of both the business solutions and underlying AWS infrastructure is completed by BAE Systems Applied Intelligence to provide customers with a single point of contact and with clear responsibility.

Financial institutions want to focus on delivering outstanding services and experiences to customers and growing their organisations, but at the same time they need to ensure they adhere to the latest regulations and avoid regulatory fines.

In smaller organisations, the challenge is balancing these two things – navigating changing regulations while making the best use of investigative teams in tackling financial crime.

If you are a smaller or emerging financial institution, NetReveal 360° offers an affordable and rapid go-live – for the key elements of fighting financial crime. Larger banks which are looking to deploy standard set ups quickly can enjoy the same benefits that would be gained by smaller banks

With over 20+ years’ experience in financial crime regulatory compliance, BAE Systems Applied Intelligence has a deep understanding of what organisations require to fully comply with applicable anti-money laundering regulations.

At the same time, we understand the challenges financial organisations face in managing a regulatory compliance solution – specifically the need to stand up an affordable integrated financial crime regulatory compliance solution quickly, efficiently and cost-effectively.

Garry Harrison, Managing Director of Financial Services at BAE Systems Applied Intelligence said, “The importance of cloud has never been greater as we continue to outmaneuver the uncertainty caused by the global pandemic; living with increasing levels of financial crime and cyber breaches.

“Cloud technology is vital to helping companies unlock greater efficiency, elasticity and innovation, and drive enduring business change at speed and scale. We are easing the burden of all financial institutions, both large and small, to become and remain compliant against increasing complex regulatory requirements.

“We chose to build on AWS because of their deep technical expertise and global scale. With a strengthened collaboration with AWS, we further enhance our position as a leader in financial services.”

BAE Systems awarded $85M contract to secure transfer of government’s sensitive information

The U.S. Air Force Research Laboratory (AFRL) has awarded BAE Systems a five-year $85 million contract to continue to develop, deploy, modernize, and maintain cross-domain solutions that allow for secure transfer of sensitive information between government networks.

The work on the contract will enable the secure exchange of data—including streaming video, images and audio—to enhance mission collaboration. BAE Systems will also provide research, development, and evaluation of new technologies, including the integration of innovative artificial intelligence and machine learning capabilities.

“As the military cyberspace battlefield expands, we understand how critical it is that secure, innovative intelligence solutions are available to warfighting commands and combat support agencies to communicate safety and effectively,” said Pete Trainer, vice president and general manager of BAE Systems’ Air Force Solutions business.

“We are pleased to continue our long-standing partnership with the Air Force Research Laboratory and provide our expertise in high-assurance, cross-domain technologies to meet this new mission need. Our services will provide end-users access to virtual information and analysis faster, allowing them to make informed decisions quickly.”

BAE Systems is a leading systems integrator supporting militaries, governments, and U.S. intelligence community members across the globe. The company’s advanced technologies and services protect people and national security, and keep critical information and infrastructure secure across air, land, sea, space, and cyber domains.

BAE Systems to help detect weapons of mass destruction with advanced analytics technology

BAE Systems has received funding from the U.S. Defense Advanced Research Projects Agency’s (DARPA) Defense Sciences Office to develop advanced analytics technology that will assist in the detection and deterrence of weapons of mass destruction (WMD) activity, helping to ensure national security.

The first-of-its-kind technology will leverage multiple data sources and uses data fusion, adversary modelling, pattern matching, and machine learning techniques to detect and identify indications of chemical, biological, radiological, nuclear and explosive (CBRNE) threat.

As part of DARPA’s SIGMA+ program, the BAE Systems FAST Labs research and development team will work with partners Barnstorm Research and Washington State University to create a technology solution called MATCH (Multi-info Alerting of Threat CBRNE Hypotheses).

MATCH will automatically populate a world graph using sensor and multi-source data to provide analysts visibility into threat activities in a metropolitan region. Using the graph, MATCH will create hypotheses that identify and characterize threatening CBRNE activity.

“Our technology aims to help analysts close the loop between the analysis of information and the collection of new information to fill in the gaps and provide a comprehensive picture of a potential threat,” said Chris Eisenbies, product line director of the Autonomy, Controls, and Estimation group at BAE Systems.

“Most importantly, our solution automates a process that is currently manually intensive, improving an analyst’s ability to quickly and accurately identify CBRNE activity and ultimately, helping to protect our country from these significant dangers.”

Phase 1 research on the SIGMA+ program leverages BAE Systems’ expertise in data fusion, advanced analytics, and resource management as part of its autonomy technology portfolio.

It also builds on a previous work for DARPA’s Insight program and leverages the company’s mature All-Source Track and Identity Fuser (ATIF) and Multi-INT Analytics for Pattern Learning and Exploitation (MAPLE) technologies. Work for the program will be completed at the company’s facilities in Burlington, Massachusetts and Arlington, Virginia.

BAE Systems receives DARPA contract to prevent vulnerabilities in electronic files

BAE Systems has been awarded a contract by the U.S. Defense Advanced Research Projects Agency (DARPA) to develop new cyber tools designed to help prevent vulnerabilities in electronic files that can lead to cyberattacks.

Development of these tools will be part of DARPA’s Safe Documents (SafeDocs) program, which aims to more effectively identify and reject malicious data in a variety of electronic formats.

Every day, individuals and organizations in military, government and commercial industries receive electronic content, such as Portable Document Format (PDF) and digital media files, from unauthorized or potentially compromised sources, which creates security risks.

As part of the SafeDocs program, BAE Systems’ FAST Labs research and development team will create two different cyber tools. The first tool seeks to recover, simplify, and automatically select safe feature subsets within electronic data formats to help encode the data safely and unambiguously, while the second is a toolkit to help software developers avoid vulnerabilities in the software they create to process complex electronic data.

“Research on the SafeDocs program will leverage BAE Systems’ expertise in cyber, algorithmic, and systems engineering domains to give developers tools that currently don’t exist in government or commercial markets to more easily and efficiently ensure the security of electronic documents,” said Anne Taylor, product line director of the Cyber Technology group at BAE Systems.

“As the creation and use of electronic documents continues to grow every day, so does the risk for potential cyberattacks, making it essential we create solutions that are built with security in mind to help keep content safe.”