It all started with Duqu and the interest in this field has been ongoing ever since. Our understanding of new attack trends and techniques helps us to better remediate security incidents for our clients. Our expertise is used by some of the largest antivirus companies and we are one of the most innovative members of the professional community.
Today, everyone can be reached by (public) email, and working online has made this even more important as everyone works from home. In many cases, not technology is the bottleneck of vulnerability, but the human factor, and it is the easiest to exploit. A common type of attack is malicious files arriving as attachments in phishing emails (word, pdf and other typical office formats), which often download and launch a more complex malware. These can be prevented by early detection, proper preparation, user education etc.
A successful attack makes it impossible to use the computer or the whole system. Important data becomes inaccessible and the user is held for ransom. Some ransomware spreads to individual users, others attack in a smart, delayed manner, scanning the network and sharing themselves, causing much bigger problems, capable of crippling entire systems.
These put the most sensitive customer data at risk. The data they obtain is traded or, in worse cases, directly harms the end user.
Malware written directly on a specific physical architecture, hardware; In OT systems, it can harm availability, which is the most important aspect here from the Availability-Integrity-Confidentiality dimensions. OT systems are not prepared for attacks, while more and more of them are being created and integrated, providing an ever larger attack surface. Neither the people nor the protocols support secure operation.
These are very well tested attacks. They target a specific device from a specific manufacturer. The bigger the market or state actors, the more likely they are to be subject to such attacks: in the case of critical infrastructures, it can be a means of exerting political pressure, of making competitors impossible to compete.
We pick apart the malware that comes our way with scientific rigour and obsessive curiosity.
We are integrated in the international academic network of mad scientists and IT security communities.
We tailor the investigation process to the client's objectives.
We use in-depth analysis and reverse engineering techniques.
We make suggestions to avoid future incidents, we follow-up incidents as needed.
Educational, transparent and detailed report to upgrade your security posture
Professional excellence, customer oriented attitude
Follow-up, support, training and consulting as requested
Academic rigor and excellence in our job
All our results are delivered with business usability in mind
Copyright 2021 Ukatemi Technologies LLC.