SA audit firm links with Panda to roll out EDR

By , Portals editor
Africa, 27 Feb 2018

Audit, advisory and tax firm BDO South Africa will offer a managed security service based on next-generation EDR (Endpoint Detection and Response) technology from Panda Security Africa, after the companies entered into a strategic cyber alliance.

Panda Security Africa says that, according to predictions for the year, cybercriminal activity shows no signs of slowing down and organisations must constantly review their cybersecurity strategies to reflect advanced threats.

"Traditional protection models are no match for sophisticated threats such as ransomware, exploits, script-based and other malware-less attacks – adopting next generation EDR (Endpoint Detection and Response) technology into a holistic cybersecurity strategy is where the solution lies," the company has stated.

BDO Advisory's Director of IT Audit and Cyber Laboratory, Graham Croock, says they chose to partner with Panda Security Africa as BDO is committed to the provision of world class services to clients using best of breed technology. This strategy is supported by the BDO Global Cyber Leadership Group (GCLG) headed up by Greg Garret in the USA.

Croock confirms that as cyber security is a global concern, it is imperative that global security service and product offerings are utilised.

According to the companies, the solution will also facilitate the ingesting of data by the BDO Security Operation Centre (SOC) operations in Israel and Norway which will contribute additional value to the services provided through collaboration.

Traditional endpoint protection is only effective in protecting against known malware. It is not capable of dealing with attacks where exploits, file-less malware and other advanced technologies are used, the companies claim.

At the core of the partnership is the application of Panda Security Africa's Adaptive Defence, an EDR class technology with a differentiated approach involving the monitoring and classification of all running processes to deliver a 100% attestation service that ensures only trusted applications can execute.

Panda Security Africa says Adaptive Defence gathers up to 10 000 data points for each executable. Using big data, machine learning and artificial intelligence, the service classifies goodware, malware or unknown processes - in real time.

Juan Santamaría, CEO of Panda Security, says, "We are very proud that the industry considers Panda Security as a visionary in advanced protection technologies for the endpoint. This affirms the cybersecurity model introduced by Panda. We became the only manufacturer to offer advanced protection based on the complete visibility of endpoint activity, together with classification services for all running processes and threat hunting. This is a significant innovation and an added value for our technology, our customers and our partners such as BDO, with whom we share the common goal of offering our customers the best services."

"This partnership between Panda Security and BDO will be important in protecting digital infrastructures and corporate networks in key industries in Southern Africa," says Jeremy Matthews, Regional Manager of Panda Security Africa. "We are pleased to be a part of this initiative - adding value to BDO's risk consulting and management service with Panda's intelligent endpoint security technology and services," continues Matthews.

New threats

Paul Jolliffe, Lead DSM: Security at T-Systems South Africa, has warned of the emergence in late 2017 of a new strain of ransomware in which, rather than having data recovered after a ransom was paid, victims of the attack found their data completely and irretrievably wiped, even after paying large sums of money to recover their information. "Whereas ransomware, in the traditional sense, seeks to make its perpetrators wealthy, the new strain seeks to destroy. It mimics ransomware and operates in a very similar fashion, accessing victims' computers through an infected link or attachment, encrypting the data on the machine and any other servers it can spread to.

"However, the new strain is also able to elevate user access, meaning it can obtain user credentials and move laterally - undetected - between systems. The effects of such a wave can be catastrophic, with devastating financial and reputational consequences," said Jolliffe.

Researchers from global IT security firm Check Point Software Technologies recently revealed malicious code on Google Play Store that hides itself inside roughly 60 game apps, several of which are intended to be used by children. According to Google Play's data, the apps have been downloaded between 3 million and 7 million times.

The company said the malicious apps, dubbed 'AdultSwine', wreak havoc by displaying ads from the web that are often highly inappropriate and pornographic, attempting to trick users into installing fake 'security apps' and inducing users to register to premium services at the user's expense.

"In addition, the malicious code can move laterally within the infrastructure of the phone, opening the door for other attacks such as user credential theft. Once the infected app is installed on the device, it waits for a boot to occur or for a user to unlock their screen in order to initiate the attack. The attacker then selects which of the above three actions to take and then display on the device owner's screen," stated Check Point.

Gil Shwed, Founder and CEO of Check Point Software Technologies, believes corporates now have to adapt to what the company describes as Gen V or 5th generation threats.

"In 93 the internet was smaller, the hackers were much less sophisticated, but it was much easier to get into a company's network... today it is a little bit more difficult. On the other hand the networks are much more complicated and computing systems more evolved, so there are many more and much more sophisticated ways to do so. So I don't think we are losing it, but I do think we are at an inflection point and as an industry, we need to make a generational leap into the Gen5," said Shwed.
