MetroStar works with partners like FireEye to detect and prevent the new breed of cyber attacks being waged today, and knows how important it is for security practitioners and researchers to understand these attacks. This new breed of cyber attack includes multiple, distinct, and at times coordinated stages. These stages, based on various methods and capabilities, may include system infection, malware download, callbacks, data exfiltration, and lateral movement. Within these stages, callbacks represent a critical juncture, one in which compromised machines establish communication with an external Command and Control (CnC) server. Once this communication is established, cybercriminals can achieve a host of malicious objectives, including modifying malware to evade detection, exfiltrating data, and expanding an attack within a victim’s organization.
Many lessons can be learned from these types of activities, including vital insights into the family of malicious software employed, the countries and industries of the targeted companies, and the location of the CnC servers orchestrating these attacks. MetroStar’s technical mastery of cyberspace concepts and the DoD information (DODIN) environment helps address gaps in the planning, development, and implementation of capabilities to secure, operate, and defend the DODIN. These services include, but are not limited to:
- Providing cybersecurity input in the strategic, operational, and tactical planning, coordination, and synchronization of the full spectrum of operations
- Identifying cyberspace vulnerabilities, threats, and incident mitigation/remediation strategies to reduce risk
- Validating compliance with directives and facilitating standards and protocol compliance through the inspection process
- Selecting tools and technologies to defend our clients’ enterprise with rapid security deployments and intelligent applications that can protect and deter future attacks