- Posted by Plurilock
- On April 7, 2018
Cyber attacks are on the rise, and threats are ever-evolving. Learn more about these common cybersecurity threat types and how BioTracker solves them using AI and behavioral biometrics.
Insider Threats: Bribery and Coercion
Bribery and coercion are troubling situations that can compromise your business. Disgruntled employees, corporate espionage, bribes for inside information, or even employee intimidation can allow threat actors to access valuable information. Protect your employees and your information by using BioTracker.
BioTracker protects against these threats by using behavioral biometrics and AI.
Scenario 1: If the incident involves an authorized user, actions like quickly downloading many files, or physical manifestations of duress can lead BioTracker to flag security teams or limit user access in the background.
Scenario 2: If the coercer (not the authorized user) tries to use the stolen credentials, their mouse and keyboard actions will not match the end-users profile and the will be flagged as an intruder within seconds.
Financial gain and espionage highest motivations for insider threat – 2016 Data Breach Investigations Report
22% of data breaches involved internal actors — Grand Theft Data
Insider incidents are the hardest (and take the longest) to detect – 2016 Data Breach Investigations Report
Credential sharing is not only a growing, costly problem for subscription-based companies. Credential sharing also makes organizations susceptible to intrusions. Shared passwords limit the security team’s visibility, leading to a host of vulnerabilities. When users share passwords your visibility is limited:
- Who else is using the account?
- Are the credentials are written down somewhere?
Have the credentials been shared across an unsecure platform?
All of these scenarios compromise endpoint security. When an incident happens, how can management know who was present? Remove your blind spots and increase your visibility with BioTracker.
BioTracker protects against credential sharing by creating a unique profile for the end user, using patented behavioral biometrics and AI. It continuously verifies users by the way they use their keyboard and mouse. Once an event has been flagged as suspicious, you are protected. BioTracker alerts security teams, limits permissions, and protects your system. You configure the appropriate response. Know who is doing what, and when.
When more than one person knows the root password, plausible deniability becomes a factor – Privileged Password Sharing Root of Evil
One of the most common breaches of PHI (Personal Health Information) is the use of another’s credentials to access patient information.
Stolen Accounts (Phishing)
Phishing: A digital form of social engineering to deceive individuals into providing sensitive information
Users can unwittingly invite threat actors into your system. Phishing attacks, in which threat actors fool users into entering their credentials, are becoming more and more sophisticated, and harder to detect. While security and cyber-hygiene training can make users less likely to engage in risky practices, an extra layer of security provides identity assurance.
Even if your user has submitted their credentials to a threat actor, BioTracker mitigates the damage. BioTracker immediately detects the intruder by the way they type their username and password (by our Behavioral Login) or by the way they use their keyboard and mouse (Continuous Authentication.) Once the event has been flagged as suspicious, BioTracker alerts security teams, limits permissions, and protects your system. You configure the appropriate response.
BioTracker protects against these kinds of attacks:
- Business Email Compromise
- Clone phishing
There are more than 100 million phishing attacks every day. DNI
Make sure you are aware of exactly where your data is, and be careful who you give privileges to and to what degree.
Phishing pages have migrated to HTTPS but a page certificate does not guarantee safety — Secure list
Not all attacks require sophistication. Users leaving their systems unlocked while not at their station, writing down passwords, or leaving laptops unattended can expose your organization to internal or external threat actors. While security training and awareness can help mitigate these problems, BioTracker provides an additional layer of protection to solve for worst-case scenarios.
Even if a threat actor has access to the laptop, credentials, or even an unlocked, unattended workstation, BioTracker will protect. BioTracker flags the threat actor’s actions as suspicious within seconds of attempted login (Behavioral Login) or by how they use the computer and mouse (Continuous Authentication) alerting security teams, limiting permissions, and protecting your system.
End-user carelessness constitutes biggest security threat to organizations, surpassing the ever-present peril posed by malware or organized hacker attacks.
Security researchers repeatedly label end users the biggest threat to enterprise security
Remote Access Trojan
Remote Access Trojans (RATS) are a specific type of malware that controls a system remotely, mimicking the user. Once a threat actor has used a RAT to infiltrate the system, they can access your sensitive data as easily as if they were at the workstation itself. BioTracker stops threat actors with our patented behavioral biometrics technology. Using AI, BioTracker constantly authenticates users, flagging suspicious behavior, limited permissions, or requiring additional authentication.