Fujitsu high-speed technology identifies within minutes damage from cyberattacks
TOKYO May 12, 2017 Fujitsu announces its high-speed forensic technology to identify the extent of damage targeted cyberattacks cause to an organization's intranet. The new technology, developed by Fujitsu Laboratories Ltd. and to be made available in Japan from June 2017, will accelerate time required to identify damage, from several weeks with conventional technology to several tens of minutes. Fujitsu will offer the new technology as a function added to its Fujitsu Security Solution Global Managed Security Service, which provides integrated lifecycle support to strengthen security resilience, mitigate risks and minimize damage of cyberattacks. Fujitsu has also signed an agreement with US-based Dtex Systems to launch solutions in Japan that combine Fujitsu's services with Dtex Systems' advanced user behavior intelligence technology that looks at the ordinary behavior of users at endpoints such as PCs, and then detects and analyzes behavior that suggests internal wrongdoing. The solutions will detect and analyze risks of internal impropriety that could lead to information leaks. These solutions will be made available and represent Dtex Systems' first collaboration in Japan. Going forward, Fujitsu will continue to contribute to the creation of a networked society in which everyone can feel safe and at ease, and will support the business continuity of customers by further strengthening its Global Managed Security Service using cutting-edge security technology.
The Cybersecurity Management Guidelines, published by Japan's Ministry for Economy, Trade and Industry and the Information-technology Promotion Agency (IPA), call for companies to take such steps as preparing an emergency response system if one is the victim of a cyberattack, and preparing a system for rapid disclosure after damage has been discovered. When subjected to a targeted cyberattack, it is important to prevent the damage from spreading by taking rapid initial countermeasures such as identifying where the attack has penetrated and removing attacked devices from the network, but identifying the extent of an attack on an intranet requires advanced technology and several weeks, making it difficult to rapidly determine attack status and disclose it. In addition, intentional internal wrongdoing by someone related to an organization is one of the main causes of information leaks, alongside targeted cyberattacks, and companies also face issues in discovering this type of activity. In order to resolve these issues, Fujitsu is offering functionality that can rapidly identify the extent of damage from a targeted cyberattack, and is expanding its Global Managed Security Service to detect the risk of internal impropriety through its collaboration with Dtex Systems. This will work to strengthen security on the boundaries between the internet and an intranet, and also within intranets and endpoints.
New Functionality to Rapidly Identify the Extent of Damage
A proprietary high-speed forensic technology developed by Fujitsu Laboratories enables the rapid determination of the extent of damage from an attack by detecting and analyzing only behaviors unique to targeted attacks from internet communications data. With this new functionality, the Global Managed Security Service monitors a customer's intranet 24 hours a day, 365 days a year from the Security Operation Center(4). When an external intrusion from a targeted attack is detected, Fujitsu's security experts determine the extent of the damage in several tens of minutes, using the high-speed forensic technology developed by Fujitsu Laboratories, enabling rapid reporting to the customer. With this functionality, customers can rapidly grasp the infection pathway used by the malware sent by the attacker, and which devices are infected. This means they can not only prevent the spread of the infection by removing only infected devices from the network, enabling early restoration of the attacked network environment, but they can also take immediate countermeasures aimed at business continuity, minimizing the damage.
About the Collaboration with Dtex Systems
Dtex Systems provides technology that collects metadata(5) of users' ordinary behavior in business, such as usage status and communications with outside parties, from endpoints such as PCs, and uses machine learning to understand the pattern of action in ordinary times. With this technology, it is possible to detect and notify supervisors of actions deviating from ordinary activity patterns. Fujitsu is now set to collaborate with Dtex Systems in its first deal in Japan to offer solutions. Fujitsu's security experts will analyze the risks of internal impropriety leading to intentional information leaks and other potential harm, supporting rapid countermeasures by customers.
Comment from Christy Wyatt, CEO of Dtex Systems
"Insider incidents represent a majority of data breaches globally, which makes understanding user behavior critical to preventing data loss. We are thrilled to partner with Fujitsu, a trusted industry leader, to offer comprehensive and scalable security solutions that provide deep, contextual understanding of user behavior in Japan."
Fujitsu is the leading Japanese information and communication technology (ICT) company offering a full range of technology products, solutions and services. Approximately 155,000 Fujitsu people support customers in more than 100 countries. We use our experience and the power of ICT to shape the future of society with our customers. Fujitsu Limited (TSE: 6702) reported consolidated revenues of 4.5 trillion yen (US$40 billion) for the fiscal year ended March 31, 2017. For more information, please see http://www.fujitsu.com.