Free Newsletters for the Channel
Register for Your Free Newsletter Now
Secureworks is helping organizations cope with business disruption and remote workforce expansion.
April 2, 2020
More organizations in the channel are stepping forward with offers to help remote workers deal with cybersecurity challenges due to the COVID-19 pandemic.
Secureworks is modifying its remote workforce security, incident response, and managed detection and response (MDR) solutions to reduce the financial burden and speed of deployment to protect vulnerable organizations. Those include health organizations, schools, and state and local governments.
Secureworks is offering the following solutions:
Flexible incident response to help organizations reduce response time in the event of an incident.
Rapid monitoring deployment services.
Remote access vulnerability to assess vulnerabilities more quickly so organizations can test the security of their remote work environment.
Remote consulting engagements to assist in establishing governance, business continuity and disaster recovery plans for remote work environments.
Maureen Perrelli, Secureworks’ senior vice president and chief channel officer, tells us her company’s solutions are designed to ensure partners and customers stay protected from opportunistic threat actors.
Secureworks’ Maureen Perrelli
“First and foremost, we recognize the need for customers to rapidly adjust their security priorities as they adopt remote working practices, while not compromising their overall cybersecurity strategy,” she said. “We also have recommended that they stress to their employees that they stay vigilant and monitor cyberattacks that exploit COVID-19 and promote misinformation.
Perrelli said partners are better able to maintain business continuity and reach out to new customers with Secureworks solutions.
“As threat actors take advantage of the current COVID-19 environment, we have worked to ensure that our solutions promote growth and progression for partners as well as customers,” she said. “Using our rapid monitoring and deployment service, we provide partners additional peace of mind with their security so they can focus on new business opportunities and look toward the future,” she said. “Additionally, our flexible incident response program allows businesses to access security benefits, enable remote execution and mitigate cyber risk efficiently and cost-effectively.”
Infiltration and elevation: brute force, adding users and privileges to groups, and staging malware.
Reconnaissance: accessing files in unusual ways, and listing users, files and shares.
Persistence and evasion: installing apps to keep access, changing policy and logging, turning off data loss prevention.
Exfiltration and destruction: creating mail sinks, sharing and downloading files.
Vectra’s Cognito Detect uses AI and threat research to detect and prioritize attacks in real-time. This SaaS-based program delivers daily reports and the support of Vectra’s consulting analysts.
Vectra’s Jennifer Geisler
“We all need to be sensitive to the needs of people in this current environment.” Jennifer Geisler, Vectra’s CMO, said.
“This is an opportunity for a partner to work with their existing clients and offer a Vectra service for free that provides immediate value and understanding of the risks of this new work-at-home paradigm,” she added. “If the client sees a long-term value in the service, than we will work with the partner in converting that offer into a revenue stream.”
Microsoft 365 accounts provide direct access to files and data that are priority targets of theft or ransom, Geisler said. These accounts also provide cybercriminals the ability to move laterally to other users by either poisoning internal content or reply-jacking internal email threads, she said.
“Many products focus on preventing compromise of Microsoft 365 accounts and limiting the types of content shared in the cloud,” she said. “However, when prevention fails – as it inevitably will – visibility and detection to find and stop the compromises before damage is done is extremely limited.”
Microsoft 365 is now the largest attack surface to focus on, she said.
“Everything is there, and that is the new way to move laterally between users,” she said. “Therefore, it is going to get a lot more attention (it was already a prime target) than ever before. Again, visibility into what is occurring and what can go wrong are key.”
More cybercriminals are targeting telecom companies striving to …
… keep services up for a dramatically increased remote workforce. Positive Technologies‘ analysis of real attacks against mobile network operators (MNOs) and subscribers shows on average there are more than 1,400 attempts on subscriber location tracking daily.
Eighty-six percent of networks are vulnerable to traffic interception where criminals can steal one-time passwords and account credentials. In addition, nearly 100% of networks are vulnerable to spoofing and impersonation, techniques that are used together with social engineering to commit fraud.
Michael Downs, Positive Technologies’ managing director of U.K. and EMEA, tells us MNOs have generally become more vulnerable to cyberattacks over the last three years, which means that their customers also are more vulnerable by extension. Cybercriminals constantly are evolving their hacking techniques at a faster pace than MNOs are deploying new protection measures, he said.
Sign up for Channel Futures’ new EMEA newsletter, where we feature news and analysis involving companies based in Europe, the Middle East and Africa, as well as those doing business in that region.
Positive Technologies’ Michael Downs
“Security must be a priority during network design,” he said. “This is truer now than ever, as operators are tasked with keeping services running during the pandemic, and also as they begin to tackle construction of 5G networks. Attempts to implement security as an afterthought at later stages may cost much more. Operators will likely need to purchase additional equipment, at best. At worst, operators may be stuck with long-term security vulnerabilities that cannot be fixed later.”
Signaling attacks cause denial of service for customers. They also enable outsiders to track subscriber location, intercept text messages and obtain sensitive subscriber information, Downs said.
“These vulnerabilities have already been leveraged to criminally obtain access to bank accounts of network subscribers,” Downs said. “In some cases, attackers can also downgrade users to insecure 3G networks. Today, mobile operators do not have the resources and operator equipment to perform a deep dive analysis of traffic, which makes it difficult for them to be able to distinguish between fake and legitimate subscribers.”
Positive Technologies’ analysis of mobile networks has observed a low standard of security even in cases where expensive solutions had been implemented to filter signaling traffic.
“This speaks to the fact that a systematic approach to security has not been taken,” Downs said. “Proper network security is impossible without an understanding of both the relevant security threats and the holistic approach needed to resolve them.”
Other channel companies pitching in during the pandemic include:
Email security provider Vade Secure‘s new Current Events feature provides MSPs and administrators with increased visibility into all email traffic. This happens during a surge in all types of email communication, both legitimate and malicious.
Darktrace has made its full suite of solutions available for virtual deployment in direct response to the rise of remote working. Remote-working security teams can access cyber AI, letting them realize meaningful results in a matter of days.
You May Also Like
Cloud Computing News: AWS Loses Another Key Exec to Azure; Canalys, Vega Cloud, Hyve NewsFeb 23, 2024
Channel Futures Reveals 2024 Circle of Excellence InducteesFeb 23, 2024
Canalys Channel Leadership Matrix Names AWS, Cisco, HP Among 'Champions'Feb 22, 2024
CrowdStrike, SonicWall Cyber Threat Reports Highlight Attacks, Popular TacticsFeb 21, 2024