Contego’s Malware Threat Assessment
Contego’s Malware Threat Assessment will inspect your network for breaches and compromises. During this assessment we will provide you with education, visibility and recommendations as well as reports detailing malware variants found operating within your existing security infrastructure and communicating to various external command and control (CnC) servers across heterogeneous Internet geographies.
The malware assessment will give you actionable visibility of breaches and binaries found operating within your existing security infrastructure and communicating to various external command and control (CnC) servers across heterogeneous Internet geographies. The increase in advanced persistent threats (binaries that transfer sensitive information such as banking information, keystrokes for password cracking and IP) is real and is impacting businesses of all sizes.
- Real dollars are being stolen. Like most account fraud, the victims tend to be small-to-medium sized businesses and public institutions that have accounts at local community banks and credit unions. It is easier to attack a small business than to go after the big boys.
- Malware doesn’t just steal, it impacts operations. Gwinnett Medical Center in Lawrenceville, GA had to stop accepting patients due to an attack. The breach downed the institution’s network and sent staff back to using paper records, requiring the hospital to stop accepting ambulances.
If you are interested in reading the articles you may Google / search “malware Gwinnett Medical Center.”
The assessment will provide you with:
- Top malware infections
- Infection scale and level of severity (minor -> critical)
- Visibility into, and education on, malware variants engineered to steal confidential and proprietary data such as personal account information, keystrokes, login credentials and financial banking information.
- Existing Compromises – A detail of assets compromised by advanced targeted malware. “John Smith is infected with a keylogger.” Who? What? When? Where?
- A callback analysis / POST data analysis
- What sensitive data is leaving your network? During the assessment we will highlight the POST events found during the callback analysis. POST data is information leaving your network and POSTing to a server outside of your control. POST data contains a range of information, including intellectual property (see the news about Nortel), credit card information (see Sony-100+ million loss) and keystrokes.
- Fraudulent activity risk assessment
- Liability risk assessment
- Visibility and techniques that will block callback/phone-home traffic. If you choose, you may block this traffic during the assessment.