Guest blog: Threat intelligence – a unifying force of the future

Posted on Oct 4, 2019

In a guest blog post VB2019 Platinum partner Reason Cybersecurity looks to the future of threat intelligence.

 

The advent of the Internet and Internet-enabled technologies not only ushered in the era of cyberattacks, but it also influenced the development of complex systems that are frustratingly and increasingly difficult to secure and protect against these attacks. Recent sobering statistics from Hashed Out attest to this trend: security breaches have increased by 67% in the past five years; cybercrime damages are predicted to reach US$6 trillion by 2021; one in 302 emails targeting public administration users is malicious; ransomware attacks are expected to see a fivefold increase by 2021; in 2019, 1.6 billion email addresses and passwords were exposed in a massive data breach called 'The Collection'; and the list goes on.

In response to these complex and continuously evolving cyber attacks, we have seen a substantial rise in the number of cybersecurity labs around the world, which speaks to the need for a well-established, world-class, 'industrial strength' research lab that is able to identify, detect and protect against malware in real time. Real-time threat detection is an efficient way to fight cybercrime proactively. With real-time protection, we can obtain intelligent, fresh, and actionable information that can be used to counter attacks and repel future attacks. Relentless, targeted, and disruptive cyber threats have become the new digital reality, and they require an equally relentless, directed, and innovative defence.

 

Introduction

Against this backdrop of cybersecurity threats, challenges, developments and changes emerged cybersecurity labs, which create safe environments for learning about and engaging in cyber defence-related activities such as malware detection and remediation. These labs are designed to address the always evolving and always critical need for improved cyber threat intelligence, as well as the need for cybersecurity training and education.

Reason Labs is the threat research division of Reason Cybersecurity, a leading cybersecurity company focusing on endpoint privacy protection. Reason’s objective is to address a dynamic threat landscape with advanced and innovative technology and to encourage in-depth digital literacy about today’s cybersecurity issues.

 

From a private malware sample collection to global threat intelligence

Reason Labs’ massive data collection started 20 years ago when Andrew Newman, then a young cybersecurity researcher, started collecting and classifying malware samples. Those samples eventually became the basis of Reason Labs’ massive data collection and formed the foundation for Reason’s powerful AV engine and cloud detection technology.

Today, using a powerful, robust AV engine, Reason Cybersecurity protects over 100 million users across 180 countries. The engine classifies unknown malware threats and delivers immediate threat alerts by relying on deep intelligence and data analysis along with advanced technologies such as predictive threat determination and contextual reputation metrics.

Reason’s multi-dimensional intelligence is based on the reverse engineering and analysis of cyber attacks, our internal networks, real-time behavioural analysis, and machine learning models developed by some of the best minds in the industry, and provides its users with comprehensive, vigorous protection from both known and zero-day threats. Access to this powerful, multi-layered intelligence is enabled via Reason’s cloud-based API.

 

Paving the way to better cybersecurity

The intelligence community’s continued and expanding need to improve cyber threat surveillance and detection prompted Reason Labs to share its cyber intelligence, research, and technologies, including its constantly expanding library of cyber threats, and to develop a large network for updating and exchanging security information on an ongoing basis.

Today, sharing among anti-virus labs is becoming more commonplace and contributes to a unique synergy in the cybersecurity intelligence community. Cybersecurity companies are starting to actively collaborate towards a common goal: to develop a powerful and swift defence against a ‘Wild West’ landscape of cybersecurity threats that are increasingly potent and dangerous.

 

The future of threat intelligence

In spite of this unique synergy and collaboration, the future of threat intelligence is still a pressing issue. Cybersecurity defenders are in a perpetual race to stay one step ahead of threat actors, which means that the need to improve cyber threat detection methods remains both constant and urgent. As one of the leaders in that race, Reason uses cutting-edge technologies such as behavioural analysis, cloud-based security services, and predictive, reputation-based threat intelligence in order to classify, detect and neutralize cyber threats.

Reason is also committed to bolstering the capacity of the cyber intelligence community and devotes its considerable talent, expertise, and resources towards building a future cybersecurity that is stronger, faster, and better prepared to face coming cybersecurity threats.


 

