ARIA Cybersecurity Extends Free Cybersecurity Solution to Stop on-Going Attacks Affecting Users of Solarwinds Orion Platform
The ARIA Advanced Detection and Response Solution Will Detect and Stop the On-going Attacks Against Compromised Government and Commercial Organizations
ARIA Cybersecurity Solutions, a CSPi business that delivers a software-defined approach for improved cyber-attack incident response, announced the free use of the ARIA Advanced Detection and Response (ADR) for a three-month period to detect and stop the on-going attacks in the 18,000 organizations potentially impacted by the “SUNBURST” enabled cyber attack.
The Cyber Infrastructure Security Agency (CISA) has classified the attack that has hamstrung over a dozen agencies, three states, and hundreds of commercial organizations as an Advanced Persistent Threat (APT). Upon penetrating the organization via the “SUNBURST” hack to the Orion code, the “bad actor” actively uses the network to access as many vulnerable systems as possible while using techniques to try and hide their actions.
Recommended AI News: OneConnect CEO: Fintech Transformation Now a Driver of Growth in Banking Sector
CISA officials were quoted as saying, “This APT actor has demonstrated patience, operational security, and complex tradecraft in these intrusions. CISA expects that removing this threat actor from compromised environments will be highly complex and challenging for organizations.” The SolarWinds Orion Platform is installed in 33,000 U.S. Government and global organizations. By design, the platform accesses an extensive portion of an organization’s network, making the potential for damage enormous.
The CISA alert notes that the perpetrators used their initial entry to gain additional privileged access allowing them to further penetrate the organization’s network. If the attackers are already inside the network, disabling SolarWinds’ Orion is futile. In addition, Microsoft alerted its customers that their environments were also compromised, indicating that its security tools were also ineffective at finding and stopping the attack.
Recommended AI News: Daily AI Roundup: The 5 Coolest Things On Earth Today
ARIA’s Advanced Detection and Response (ADR) solution is designed to find and stop all forms of attacks, including APTs such as this one.
“The ARIA ADR solution is unique as it automatically, and in real-time, detects, verifies, and stops any attack as it become active. ARIA ADR is an ideal add-on to current security tools. We often replace legacy security information and event management (SIEM) solutions and other security tools that were not designed to stop modern attacks,” said Gary Southwell, ARIA Cybersecurity Vice President and General Manager, CSPi. “For instance, after the 2015 OPM breach, the Department of Homeland Security mandated the deployment of Splunk Enterprise Security across all civilian government agencies. Yet, Splunk, like other SIEMs, is best suited for highly-trained SOC analysts to manually search log infrastructure for IOCs, typically to try and find out what happened after the fact. It’s not designed to automatically find and stop threats, certainly not modern attacks like APTs, zero-day malware, ransomware, or other sophisticated intrusions and data exfiltrations. This is where ARIA ADR shines not only for automated threat detection but also for quick return on investment in tools and operational savings.”
Once deployed in a network, ARIA ADR works out of the box, requiring no special configuration. It is purpose-built to automatically find and stop all forms of attacks, including APTs such as this one. With 70+ patented threat models preloaded onto the solution it can detect any attacker’s actions and behaviors, making it a highly effective threat detection and response solution. It then leverages advanced machine learning (ML) to pick up on these behaviors by monitoring all network data, the security and IT architecture, and deployed applications. Using artificial intelligence (AI) it finds any bad actors, verifies their activity and correlates their actions before declaring a confirmed threat.
The ARIA ADR AI provides the push button or fully automated ability to knock the attacker off the network, disable the use of compromised credentials, and/or stop all attack related communication without taking any systems off-line.
ARIA Cybersecurity is extending the free use of ARIA ADR for a three-month period to detect and stop these threat actors and their activity related to the APT attack. The ARIA ADR solution is appropriate for all size organizations, as it can be dropped into any environment, works out of the box, and requires no trained staff. If the customer is happy with the solution, they can elect to pay for a monthly subscription thereafter.
Recommended AI News: SimplyBank Selects KlariVis to Lead Its Data Analytics Initiative