10 September, 2007PandaLabs, Panda’s laboratory, provides clients of the service with detailed forensic reports about any attack and its security implications.Panda Security has launched its Targeted Attack Alert Service. The service will fight cyber attacks that use malware especially designed to target specific online businesses, which has recently become one of the most dangerous Internet threats. The Web is now a breeding ground for a variety of fraudulent and criminal activity, including theft, identity spoofing or industrial espionage.
The most dangerous attacks are those using banker Trojans, designed to steal confidential bank details, credit card numbers, etc. The additional danger is that they are designed to target specific companies, either directly or by stealing their clients’ personal data, then used to make fraudulent transactions.
In 2006, Trojans accounted for 53 percent of all new malware created, and 20 percent of these were banker Trojans. So far in 2007, there has already been almost 40 percent more attacks than in the whole of 2006.
Panda’s Targeted Attack Alert Service is aimed at the financial sector and online businesses (payment platforms, e-commerce, etc.) and is provided directly by the Antifraud Surveillance Department at PandaLabs. This department is able to monitor the evolution of malicious code, through five million behavioral analysis sensors deployed across more than 150 countries.
Panda’s laboratory also has a network of hidden ‘honeypots’ distributed across cyber-space and a centralized online malware detection and processing service. This allows PandaLabs to detect rapidly any new targeted attack that occurs, and immediately inform the companies involved. This in turn allows banks and companies to take appropriate mitigating action, and prevent catastrophes that could affect millions of clients.
As part of this service, PandaLabs will provide companies with proactive information to help them understand the extent of the attack and its consequences. It will also advise on how to achieve optimum protection.
The Targeted Attack Alert Service operates as follows: all file samples received at PandaLabs are analyzed manually and/or automatically to establish whether they could affect the client. If malware is found, a laboratory technician will analyze how it operates.
If it is deemed to be a real threat, it will be completely analyzed. A fully comprehensive Forensic Report is generated and delivered to the client, detailing the identity of the sample, its monitoring techniques, the methods it uses to capture and steal information, the system it uses to steal data, information where it stores stolen data, the detection routine, observations from the analysis (such as country of origin), the URLs it monitors, the methods it uses to infect the host system, screens it shows, and many more.
The Forensic Report prepared by PandaLabs includes all the characteristics of each attack: malware involved, company under attack, strings detected in the code, technical data, effects and consequences, modus operandi, potential victims, symptoms, etc. This allows the company to better protect itself and its clients.
“Some of the benefits that this service offers to companies in the financial sector include proactive risk management to counter identity theft, identification of compromised users and control of online fraud”, explains Luis Corrons, Technical Director of PandaLabs.
Sales model
The Targeted Attack Alert Service is sold as both an annual subscription and as report packs.
