Threat Vector installs hardware in your company’s network called sensors which are used to collect information. This information is transmitted back to our team at Threat Vector using a secure connection where it can be analyzed. Our sensors collect any and all events that happen on your network. We monitor everything from login failures, login successes, file access, internet connections, firewall permit, firewall deny, and much more. By compiling this information, Threat Vector establishes risk assessments to further filter out the harmless events from the ones that may actually present a threat to your company’s assets. For this we use data collection and the OTX to determine if your system may be exploited or under attack.
Brute Force Attack
A brute force attack is a hacker’s attempt to access a network. Hackers like to use this method of attack when they cannot gain access to the network because the encryption is too secure. So even if you have top of the line firewalls already in place, your company’s sensitive data could still be at risk. Threat Vector monitors network events for brute force attacks. One way this is done is by keeping track of failed login attempts.
Brute force attacks are done by systematically checking for all possible passwords and keys to gain access to the system. Hackers use malware to test out thousands of passwords in a short period of time. This means there are going to be many failed login attempts before the hacker can enter the correct password. Threat Vector monitors and logs failed login attempts. The more failed login attempts there are in one single occurrence, the higher the likelihood of a brute force attack.
Threat Vector has strategies in place to combat brute force attacks. Once we determine that there is a brute force attack underway, we lockout the user so they can no longer attempt to enter their password and access the system until that account is given permission again. Threat Vector can also lock out IP addresses so if a hacker is trying to remotely gain access to the system we can lock out that device and still keep the user active. However, one issue with locking out IP addresses is that the attacker could be using a proxy server in which case if you lock out the proxy server IP you could be locking out other users on your system as well. These types of attacks have the capability to not only steal sensitive information, but furthermore it can shut down your network for an extended period of time leaving your company defenseless while hackers take all your data. Threat Vector keeps intruders out and your private information secure.
Trojan Horse
A Trojan horse is a common tool that hackers use to give them access to your company’s network and do anything they want with it. Trojan horses are a form of malware and they get into a system disguised as something completely normal. For example, hackers like to use some social engineering to deploy their Trojan horse. They typically exploit a low level employee (one without a technical background) and send them an email which may seem perfectly normal however once they download an attachment, the Trojan horse moves in. Trojan horses can steal data, delete data, edit data, or even compromise the network infrastructure so that it can no longer function.
Trojan horses are very effective because they are very often overlooked and go unnoticed. They use rootkits to stay hidden from the users on the network. It does this by modifying the operating system so that malware like Trojan horses do not appear anywhere in the system. Rootkits essentially make malware invisible.
Prevention
The best protection against brute force attacks, Trojan horses, and rootkits is prevention. Threat vector monitors your company’s security systems to make sure there aren’t any holes in it. We also observe what the security applications allow into the network and what they deny this way nothing gets into the network without Threat Vector knowing about it. This also allows us to see if any unauthorized users are trying to get in and if so we can heighten security measures to continue to keep them out.
Threat Vector monitors your company’s firewalls to make sure they are operational at all times. If your firewall is ever breached or shut down we will be alarmed immediately and take preventative measures to ensure all data is secure. We can also take measures to ensure the security of your company’s firewalls by preforming penetration tests. We make sure to keep malware out of your network and if it does get in it can be isolated and eliminated before it can do any damage.