Products
- Products
  
  Platform
  ShadowPlex Advanced Threat Defense
  Deception for early detection of cyber threats with precision and speed
  
  ShadowPlex Identity Protection
  Visibility, management and protection of identity stores and attack paths
  Acalvio Active Defense Platform
  Comprehensive and Award-winning Distributed Deception Platform
  
  What is Active Defense?
  Active defense detects and diverts attacks.
  
  Why do I need Acalvio Active Defense?
  Active Defense deceives and disrupts attackers.
Solutions
- Technology Solutions
  
  Industry Solutions
  Breach Detection
  Active Defense for breach detection and response, both in on-premises and cloud workloads
  
  Identity Threat Detection & Response
  Visibility into Identity attack surface and effective detect & respond solution for identity attacks
  
  OT / ICS Security
  Passive and low-risk agentless solution that is easy to deploy
  
  Active Directory Protection
  Visibility into AD attack surfaces and detection of AD Attacks
  
  Threat Hunting
  Active threat hunting, based on targeted deception, to confirm hunting hypothesis
  
  Ransomware
  AI-Driven Advanced Deception Technology to combat even zero-day Ransomware
  
  Honeytokens for CrowdStrike
  Honeytokens are deceptive credentials and data that are embedded in legitimate assets
  Public Sector
  Targeted solution for protecting Federal agencies in conformation with NIST and CISA recommendations
  
  Healthcare
  Active defense solutions thwart healthcare attacks before they can inflict real damage.
Resources
Partners
- Strategic Partners
- Technology Partners
Company

COVID-19: An Ounce of Prevention is Worth a Pound of Cure

by Team Acalvio | March 27, 2020

What to do to get in front of today’s Corona-related threats

Perhaps the hacker’s motto should be “Don’t Let a Good Crisis Go to Waste”. That seems like a good choice given the rash of campaigns scams now in the wild that leverage the Coronavirus. Fear and the desire for information create a fertile environment in which to use social engineering to mount a successful attack. The methods seen in the last few weeks include the following:

Fake COVID-19 Information websites that host malware
Brand hijacking and abuse
Brand hijacking and abuse

Risk Management and Prioritization

For enterprise IT Security professionals, the questions (as always) boil down to risk management and prioritization. What steps should (not “could”) be taken to mitigate the threat most effectively? The answer depends on what industry you are in. If you’re in healthcare and pharma, you must be very vigilant with respect to brand protection, and to specific attacks (usually email-borne) that take advantage of the information needs of your staff. Large research institution also fall into this category, as does state and local government.

On the other hand, a few other responses are basically no brainers for everyone:

Training: Now is a perfect time to give everyone a refresher on email and web policies and expectations of employees for avoiding attacks. If you’re not thrilled with the vendor you use, why not scan the market and see which alternatives have already updated their material to discuss Coronavirus?
E-mail Defenses: Phishing and spear-phishing using the COVID-19 content as the lure are rampant. Evaluate if your solution is effectively blocking them, and if your employees are doing their part to alert the IR/SOC team to scams that they find in their inbox.
Malware Detection: In an enterprise environment, the biggest risk is that a campaign that leverages the Coronavirus situation will plant malware designed to persist, and to execute later stages of the kill chain opportunistically. Detecting such malware is all the more important given these new insertion strategies based on the virus situation.
Obviously Deception solutions play a critical role as a malware detection strategy. The paradigm of “assume they will get in” has never been more relevant. Deception solutions such as Acalvio’s provide malware detection capability both on-prem and in the cloud, without agent software or in-line appliances. That means that if you decide you need to ramp up your malware defenses to get in front of these new attacks, you can scale up quickly and at very low risk to application availability. Another further advantage is that you don’t have make any changes in order to deal with the crisis at hand.

In Summary

In summary, “The more things change, the more they stay the same”. Keep those internal defenses vigilant and operationally efficient, freeing up time and resources to maintain flexible response.