Agari, the next-generation Secure Email Cloud that restores trust to the inbox, announced the launch of the Agari Cyber Intelligence Division (ACID), Agari’s counterintelligence team dedicated to worldwide business email compromise (BEC) and spearphishing investigation.
ACID uses a combination of passive intelligence collection and active threat actor engagement to uncover new tactics and techniques used by cybercriminal groups, with a focus on fighting BEC and spearphishing attacks.
“One benefit of TI is that it improves decision making in core security processes, such as incident response and policy enforcement. Better visibility of the threat landscape helps CISOs justify the need for additional resources and understand the problems they encounter,” reports Gartner Research vice president Craig Lawson and Sr principal analyst Khushbu Pratap in Market Guide for Security Threat Intelligence Products and Services, in July 2017.
Agari has named Crane Hassold, an 11-year veteran of the FBI, to lead ACID on a worldwide basis. Hassold helped create the FBI’s Cyber Behavioral Analysis Centre (CBAC), which combines traditional criminal behavioral analysis techniques with cybersecurity expertise to provide actionable analytical support for national security and criminal cyber investigations.
Today ACID has published its inaugural research report on London Blue, documenting the working methods of a U.K./Nigerian gang with U.S.-based co-conspirators conducting BEC attacks against companies around the world. The gang operates like a modern marketing corporation, assembling attack targets from commercial data brokers. ACID will continue publishing threat actor dossiers, quarterly research reports, timely alerts and blogs.
“Agari’s active defense investigations have protected clients, aided innocent victims and led to the closing of hundreds of bank accounts used to launder money stolen from BEC victims,” Hassold said. “By establishing ACID, we are providing a vehicle to regularly bring this work to a broader audience for even greater real-world impact.”
Comment on this article below or via Twitter: @VanillaPlus OR @jcvplus
