You may think that cyber-attacks are someone else’s problem. You would be wrong.
Cyber-attacks are growing in number, sophistication and diversity of targets. The 2013 Verizon report on data breaches made clear that we all need to be on guard for so-called “Advanced Persistent Threats” (APTs). In fact, Verizon concluded “We see victims of espionage campaigns ranging from large multi-nationals all the way down to those that have no IT staff at all.”
Verizon’s report groups APT actors in three categories and identifies the industries they focus on. Their targets vary, but when you put them together they don’t leave many of us out.
Organized Crime
State Affiliated
Information
Other than Agriculture, that’s pretty much everyone.
Most APTs use widely understood and available techniques such as Brute Force hacking, Phishing and SQL Injection to obtain access to networks and confidential data. Verizon makes a particular issue of the vulnerability of most email systems to phishing, where users are tricked into opening malicious email and downloading malware.
Verizon states “More than 95% of all attacks tied to state-affiliated espionage employed phishing as a means of establishing a foothold in their intended victims’ systems.” They conclude that most organizations do a poor job of protecting their email systems from email phishing.
Email phishing is a good example of how APTs are similar to but very different from other types of attacks. Spammers use phishing too, but they cast a very wide net, pun intended. They obtain emails from a variety of sources and send out their spam everywhere with little or no thought about the recipients.
APTs differ in that they target an organization and areas of that organization. They look for specific individuals in that organization who, if compromised, can best be used to advance the goals of the attack. This requires more patience and, as the name implies, persistence than other hackers.
Hackers will compromise email address books to send out malicious email. My son’s Yahoo email contact list was hacked recently and I received an email that appeared to come from him. In that case, I wasn’t fooled because the message was so generic that it clearly wasn’t from him.
If this was an APT, however, the hackers would go to great lengths to make the subject and message appear plausible. They analyze address book information and use any other information they can obtain about me and my organization. For example, if I receive a message from someone I know in my department telling me to sign up for a tradeshow that our company is actually participating in, I could well be fooled into clicking on the link they provide.
And, unlike the common hacker, this is not a one-shot attempt. If the tradeshow ruse doesn’t work they might identify the high school or college I went to and use that in their next email. They will come back again and again to me or other people in my organization until one of us makes the mistake of clicking on that link.
APTs do not look for a home run on the first hit. They often first gain access into low priority areas that companies fail to protect adequately, the weakest links. By being patient, they can gradually work their way into parts of the networks they really want to access and steal data.
Targeted phishing is referred to as “spear phishing” because it is aimed at a specific target. The most high-profile example was the compromise of a White House email system by Chinese hackers in 2012. We were assured that nothing important was compromised, but you have to wonder. After all, the emails were for the White House Military Office, which is in charge of the President’s schedule and the codes he can use to order a nuclear attack!
We don’t know what the Chinese hackers were looking for exactly, but the lesson for all of us is that if the White House can be hacked then we are all vulnerable. You may not think your organization is a significant target, like the White House, but every organization has financial and personal data that is attractive to hackers. Payroll records are a gold mine for criminals.
The techniques used by APTs are being emulated by others. APTs are the best argument for the layered approach to internet security with endpoint security management. Every connection point and every device that connects to your network needs to be secured. Every user that communicates on the network is a potential weak link that needs to be attended to.