Barton Shigemura President & CEOAccount takeover (ATO) has become a lucrative prospect for hackers who compromise financial accounts by stealing personally identifiable information and exploiting vulnerabilities in corporate networks. According to a new Javelin Strategy & Research study, ATO frauds resulted in losses worth $16 billion in 2016 alone. Meanwhile, the existing cybersecurity solutions are either not focused on the problem or utilize technology that is prone to false positives. Realizing the lack of services that address the growing ATO threat, SpyCloud has developed proactive solutions for complete protection from ATO and data breaches. “Until SpyCloud came to the scene, the industry was lacking an exact match technology solution that focused on collecting compromised credentials early enough to stop threats,” remarks Ted Ross, co-founder and CEO of SpyCloud, a network and cybersecurity industry veteran.
SpyCloud’s early warning solution raises alerts on detection of compromised employee or company assets. The company leverages a combination of human intelligence and SpySight engine, an automated scanner, to acquire leaked or stolen assets that are in the hands of threat actors. Last year, over 10 billion compromised assets were collected and approximately 50 million new records are added weekly. “Once the data is collected, we parse, normalize, de-duplicate, validate, crack passwords, analyze, and enrich the records to ensure the information is valuable to our customers,” adds Ross.
Helping protect credentials, SpyCloud offers a web portal where users can enter website domains, email addresses, and other company information in the watchlist panel to receive historical breach exposure reports instantly. SpyCloud monitors the “underground” for stolen assets that match the watchlist and sends instant alerts to users. The solution provides the full context of each record—the passwords, source, and a description of the breach. To prevent ATO for employees, enterprises can leverage SpyCloud’s automated Active Directory monitor tool, which can be installed on any device connected to Active Directory Services. The tool compares stolen assets of active users and forces a password reset once a positive match is detected.
By providing a set of actionable and easy to integrate ATO prevention tools, our customers are able to effortlessly integrate SpyCloud into their existing security workflows and see instant ROI
Enterprises can integrate SpyCloud’s API into their existing customer login solutions to identify customers with exposed credentials and reset their password. The API is user-friendly and fully documented, it includes console access to test different queries and provides the code snippets needed for integration into various systems.
On detecting infected users, firms can make use of SpyCloud API’s more sophisticated functionality to effectively thwart attacks. “SpyCloud prevents identity theft and fraud by detecting when accounts have been compromised by botnets and malware, and proactively resetting accounts or triggering additional security challenges,” explains Ross. In addition, SpyCloud provide Maltego transforms for interactive data mining and rendering graphs for fraud investigations. The tool can be used for online investigations to find relationships between pieces of information from various sources located on the internet. Investigators can pivot on a username, password, IP address, or email and find a wealth of data to research breaches and threat actors.
“The threat of Account Takeover keeps rising year after year. We are laser-focused on preventing cybercrime as it relates to these attacks to prevent account fraud, reputation damage, and intellectual property theft for our customers,” says Ross. “By providing a set of actionable and easy to integrate ATO prevention tools, our customers are able to effortlessly integrate SpyCloud into their existing security workflows and see instant ROI,” concludes Ross.