A recent Forbes article states – “The bottom line is that investing in securing perimeters leaves the most popular attack vector of all unprotected, which are privileged credentials.” We could not agree more.Some of the solutions proposed in the article, however, do not prevent privileged credential attacks – they just detect attacks, maybe, once they have occurred.
Numerous media sources are reporting newly discovered Exchange malware, called LightNeuron, believed to have been created by a Russian hacking organization known as Turla.
LightNeuron is a “backdoor” that allows attackers to read and modify any email passing through compromised Microsoft Exchange servers. The malware also allows attackers to create and send new emails, as well as to block emails so that intended recipients do not receive them. Researchers who discovered LightNeuron believe that this malware has been in use since 2014!
Cord3’s UNITY Email solution protects emails with encryption before they reach the Exchange server, so even a LightNeuron-compromised server cannot read emails protected by Cord3.
While LightNeuron is one specific attack vector, Cord3’s general approach prevents all sorts of attacks on email servers from accessing sensitive emails, including attacks using privileged administrator credentials.
Cord3’s solutions separate data security away from users, applications, and servers. It is this approach that mitigates traditional attack vectors, newly discovered attacks like LightNeuron, and even new attacks to come in the future. If Turla has determined techniques to install malware on Exchange servers, it is reasonable to believe others will follow in their footsteps and generate similar attacks.
Email is an entrenched business tool. Organizations cannot just turn off email. The best solution against LightNeuron and other backdoor attacks is to protect sensitive emails before they reach the Exchange server with software that is easy to deploy and easy to use – Cord3’s UNITY Email solution is exactly that solution!
Cord3 was selected by the Ontario Provincial Government to participate in its pavilion at the RSA Conference in San Francisco from March 5 – 7, 2019. The pavilion is booth #1953 in the South Hall of the Moscone Center.
4 March 2019 – Cord3 announced today that its cryptographic module is fully validated by NIST to the FIPS 140-2 standard. Cord3’s FIPS 140-2 certificate is #3369.
Innovation City – August 7 – 8, Mandalay Bay, Las Vegas
Cord3 will exhibit its cyber security solutions at Black Hat in Las Vegas from August 7 – 8, 2019. Cord3’s booth is located in Innovation City (booth #IC2001) in the Mandalay Bay Convention Center.
“Our value proposition is that we keep the responsibility for protecting data – and this includes management of cryptographic keys – in the hands of the owner,” Rankin explained. “For any enterprise users who choose not to trust their data to the cloud, we are a great option.” I agree with his assessment, and this will become a more powerful statement as the company expands its use-cases to additional local and cloud computing options.
- Protect Your Data from Privileged Credential Attacks – Detecting Attacks is Too Late!July 5, 2019 - 11:05 am
- LightNeuron malware – Cord3’s Solution!May 15, 2019 - 2:44 pm
- The Cloud & Privileged Credential AbuseFebruary 28, 2019 - 4:23 pm
- Cord3 to Exhibit at RSA Conference 2019February 28, 2019 - 2:34 pm
900 Morrison Drive Suite 206
+1 343 488 8720