G Data makes the analytical and forensic expertise of its most advanced security team available to organizations in the form of a new service. This allows companies to find out how and why they are victims of specific cyber attacks.
G Data has had an Advanced Analytics division (Adan) under its wing for about a decade. This division, staffed by approximately 30 international experts, is tasked with conducting in-depth investigations into malware and cyber attacks. "Traditionally, our Adan team worked on behalf of our own security lab," explains Eddy Willems, Security Evangelist at G Data. At their request, Adan searched for the perpetrators of attacks on large parties, for example. In Germany, the team also works closely with the government on forensic research.
Digital detectives
You can compare the work of the team with what the Dutch experts at Fox IT do. At the time, they were commissioned by the Belgian government to investigate who was behind the Belgacom/BICS hack. "The set-up is indeed similar," confirms Willems, "although I think they come more from the network side, while we tackle the problems from a malware angle."
The G Data Advanced Analytics team should therefore be seen as a collection of experts who not only analyse code, but also go digitally undercover on hacker forums to find out exactly who is behind a certain attack, and what the goal is.
"We want to make the expertise we have built up in recent years available to companies from now on," says Willems. "Our Advanced Analytics capabilities are therefore now available to organizations to call upon. If a company is hit by a persistent attack, we are able to find out in detail what exactly is going on." Moreover, the team tries to provide solutions.
European focus
Initially, G Data wants to reach the Benelux region in addition to Germany and, by extension, Europe. Willems: "In the long run, we want to appeal to the whole world." The research team, which not only consists of Germans but attracts talent from all over Europe, will also be there when necessary.
In Germany, Adan is already a success. G Data cooperates with various large parties, including in the security sector, but Willems is not allowed to mention any names. That bothers the security specialist. According to Willems, the expertise is present, but because of the many non-disclosure agreements that Adan has to deal with, G Data is not allowed to simply disclose it. One well-known example that he can mention right away is that of the Uroboros rootkit. This rootkit, which has been active since 2011, was analyzed by Adan, who was able to link the malware to a Russian cyberdefense program in 2014.
Future plans
"In the future, we want to offer the service even more easily," says Willems. He is thinking of a kind of security scan service that is accessible to a wider range of potential customers. In the meantime, G Data Advanced Analytics as a service will be available immediately for those who want to use it.
This news article was automatically translated from Dutch to give Techzine.eu a head start. All news articles after September 1, 2019 are written in native English and NOT translated. All our background stories are written in native English as well. For more information read our launch article.