This article focuses on offensive weapons disclosed in June 2017 and linked to Industrial Control Systems (ICS) security issues. These tools are reportedly linked to previous cyberattacks against critical infrastructure in Ukraine (2016).
What should you know about this malware?
We will explore some eGambit features that could be used to fight this kind of stealthy weapon, and how our cyber robots and our Artificial Intelligence engines might be stronger than malware.
The full eGambit arsenal is able to automatically work against unknown threats.
Here are some quick examples of how to fight against a new threat (ransomware, APT…):
1. An eGambit Endpoint Security agent detects an unknown program (unknown worldwide)
2. This program is analyzed and sent back to the nearest available connected appliance for further analysis
3. The eGambit Forensics portal with its API is used by multiple robots to fully analyze potential weapons
eGambit can automatically detect & fight new threats like CrashOverride.
Here are the results of the eGambit A.I. engine:
The files used for the “CrashOverride” attack were all flagged as “MALWARE”.
In conclusion, the detection rate of CrashOverride reaches 100% for eGambit A.I.