Sqrrl Blog

Jun 19, 2015 8:00:00 AM

The OPM Breach and Big Data Security Analytics

In the past two weeks, the need for big data security analytics on the federal level has been acutely felt. At the end of last year, the Office of Personnel Management (OPM) was breached by hackers. The threat lay undetected for almost six months, until it was discovered, reportedly by accident, as the OPM worked actively to improve its security infrastructure. While the OPM does maintain its own security infrastructure, it also relies on the Department of Homeland Security’s National Cyber Protection system (NCPS), established in 2008 at the behest of Congress and the Executive branch. The NCPS was created to “protect the federal civilian Executive Branch government network and prevent known or suspected cyber threats,” according to the DHS.


Topics: Big Data Security, Linked data analysis, OPM, Department of Homeland Security, Big data security analytics

Mar 5, 2015 8:30:00 AM

Cyber Pattern-of-Life Analysis

By Ely Kahn

Pattern-of-life analysis is a well-known (and sometimes controversial) term in the US Intelligence Community. One definition of pattern-of-life analysis is:

"A method of surveillance specifically used for documenting or understanding a subject's (or many subjects') habits. This information can then be potentially used to predict future actions by the subject(s) being observed. This form of observation can, and is, generally done without the consent of the subject, with motives including but not limited to security, profit, scientific research, regular censuses, and traffic analysis. Unlike these specific areas of surveillance, pattern-of-life analysis is not limited to one medium and can encompass tracking anything in an individual's (or system of individuals') life from their internet browsing habits to their geophysical movements."


Topics: Big Data Security, Breach Detection, Data Analysis

Feb 25, 2015 8:30:00 AM

Top of the Food Chain: Cyber Hunting with Sqrrls

An Interview with a Threat Hunter, Sqrrl’s David Bianco

By George Aquila

Executive Summary

Big Data Security Analytics techniques are critical to hunt for advanced cyber threats. Starting with just some hypotheses, a seasoned threat hunter can use a Big Data tool, such as Sqrrl's threat hunting platform, to iterate through large amounts of data and detect anomalies that would otherwise go unnoticed by traditional defenses. While more and more companies are attempting to build cyber threat hunting capabilities, few tools exist to assist analysts in the challenges of the hunt. The expansion of data science capabilities into the cybersecurity realm holds great promise for the advancement of cyber hunting. Sqrrl’s David Bianco sheds some light on these crucial developments surrounding the rise of threat hunting, and how Sqrrl’s platform can provide these much-needed capabilities.


Topics: Big Data Security, Breach Detection, Cyber Hunting

Dec 1, 2014 8:30:00 AM

BlackEnergy: Mitigation with Big Data Analytics

By George Aquila

The botnet builder interface of an earlier variant of BlackEnergy

The Lurking Threat

In late October, the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) issued a formal alert warning that it had “identified a sophisticated malware campaign that has compromised numerous industrial control systems,” including GE Cimplicity and Siemens WinCC platforms, from as far back as 2011. These are widely used to control and monitor critical infrastructure from gas pipelines to electrical grids, so the threat has prompted a rising concern in the energy community that systems across the country have been compromised and could be imminently threatened by malicious actors.


Topics: Accumulo, Hadoop, Big Data Security, Cybersecurity, APT Campaign, Malware

Nov 6, 2014 8:00:00 AM

Coordinated Information Sharing on Cyber Threats and Secure Data Management

By George Aquila

The Evolving Threat Landscape

Mitigating cyber threats is a difficult task. As has been shown time and again in various recent data breaches, maintaining up-to-date security measures and abiding by industry-prescribed best practices can still leave even the most prominent and incident-ready organizations open to breaches. With a diverse range of constantly evolving Advanced Persistent Threats (APTs), traditional defenses like firewalls and signature-based malware detectors are at an inherent disadvantage against motivated attackers looking to infiltrate data systems of all kinds.


Topics: Accumulo, Big Data Security, Sqrrl Enterprise, Partnership, Info Sharing

Oct 16, 2014 8:00:00 AM

JPMorgan and Big Data Security Analytics

By George Aquila

The Attack

On October 2nd, JPMorgan Chase revealed through an SEC filing that it had been the target of a massive cyber intrusion resulting in a significant data breach over the course of the summer months, roughly between June and August.

Although reports on the perpetrators’ identity are inconclusive, sources including the New York Times have suggested the protracted attack was carried out by a Russian cyber criminal ring, possibly with connections to the Russian government.

Rather than money, it was information on approximately 83 million customers that was stolen, taken from over 90 servers hosting the company’s data storage systems, as well as some critical information on the company’s inner computers.

The infiltrators were reportedly unable to access the data stores that hold the most sensitive customer financial data (such as account numbers, passwords, and SSNs) before the intrusion was detected and mitigated.


Topics: Big Data Security, Cybersecurity, Breach Detection

May 27, 2014 3:05:00 PM

Rebalancing the Security Equation

by Joe Travaglini, Director of Product Marketing

There is no secure perimeter.

With the dawn of phenomena such as Cloud Computing and Bring Your Own Device (BYOD), it is no longer the case that there is a well-defined perimeter to secure and defend. Data is able to flow inside, outside, and across your network boundaries with limited interference from traditional controls. The "trusted zone" as we know it is a thing of the past.


Topics: Big Data, Blog Post, Big Data Security, Sqrrl Enterprise

Apr 28, 2014 2:12:00 PM

Big Data Security Roundup

by Joe Travaglini, Director of Product Marketing for Sqrrl

As Big Data products continue to gain traction and enter the mainstream, they must also provide the security and compliance capabilities that are expected by users of trusted, Enterprise software.

In order to break down data silos and analyze business events from a 360-degree vantage point, folks are consolidating disparate sources of data into a single location. This consolidation also brings with it a compounding of risk, as the blast radius of a security event now affects multiple assets at once. In effect, Big Data has amplified the stakes of security.


Topics: Big Data, Blog Post, Big Data Security, Cybersecurity

Feb 27, 2014 3:52:00 PM

Announcing Sqrrl Enterprise 1.3

by Joe Travaglini, Director of Product Marketing for Sqrrl

We are pleased to announce the general availability of our latest release, Sqrrl Enterprise 1.3. This release brings bug fixes, performance improvements, security enhancements, and additional functionality to our Enterprise package.


Topics: Accumulo, NoSQL, Big Data, Hadoop, Blog Post, Big Data Security

Feb 18, 2014 2:40:00 PM

Bringing Big Data to the Next Level

by Joe Travaglini, Director of Product Marketing for Sqrrl

It has been said that we entered the age of Big Data when the opportunity cost of throwing data away exceeded the monetary cost of keeping it. This inflection point has led to the adoption of Hadoop, the emergence of tools to tame the wild yellow elephant, and more recently the attractive notion of a ‘data hub’ or ‘data lake’. Driven by the commoditization of both hardware and software, this fundamental change in technology economics may very well be true, but it still takes proper execution to convert this opportunity cost into actual income.


Topics: Accumulo, NoSQL, Big Data, Hadoop, Computer Software, Blog Post, Big Data Security