McAfee’s New Research Lab

Today’s security world is evolving very fast. The number of cyber attacks each day has increased from 500 to 200,000 – 500,000. McAfee has researched the current trends. The company has also set up a new research lab to raise the bar on security.

McAfee’s History in Online Security.

McAfee is one of the best-known names in online security. The company has had an Oregon presence for years. In 2010 McAfee sold to Intel for $7.7 billion giving up its brand. Intel looked for a way to integrate security software with its computer chips.

Last year Intel gave up and McAfee came back as a self-governing privately held business. The original name was restored. (Intel retained a 49% stake in the business).

McAfee’s Research.

In early 2017 McAfee Advanced Threat Research exposed a global campaign focusing on numerous sectors from telecommunications and entertainment to healthcare and finance. Operation GhostSecret is still active and believed to be linked to the global cybercrime group known as Hidden Cobra.

This is an extremely complicated campaign which uses a group of implants to get data from infected systems. It is able to escape detection and keep forensic investigators off the trail. There is an infrastructure with Indian based servers which collects the data and uses it to initiate other attacks.

In the first quarter of 2018 McAfee labs noted an average five new malware samples per second. In 2018 there have also been significant technical developments among cyber criminals. They are working to improve on the latest successful tactics technologies to defeat their target’s defenses.

A Reduction in the Number of Ransomware Payments.

McAfee sees a development in the nature and application of ransomware. This will continue through 2018 and in the future.

Evidence from McAfee Advanced Threat Research shows that the number of ransomware imbursements has reduced over the last year.

This trend indicates the success of:

• Free decryption tools.
• Improved system backup efforts.
• Greater user and organizational awareness.
• The combined actions of industry associations such as NoMoreRanson.org and the Cyber Threat Alliance.

McAfee Labs is a leading source of threat intelligence, cyber security through leadership and threat research. Using data from millions of sensors McAfee Labs gives real-time critical analysis, expert thinking and threat intelligence to reduce risks and improve protection.

The New Hillsboro Oregon Lab.

The McAfee Advanced Threat Lab is located inside the local office of cyber security company McAfee in Hillsboro, Oregon. It provides research and demonstration space for the Company’s Advanced Threat Research team. It looks at McAfee related areas but also looks at the broader technology landscape to pinpoint potential weak spots in security.

It provides the talented researchers an appropriate workspace with high-end hardware and electronics for:

• Automation,
• Exploration of problems in hardware, software and firmware.

The lab also serves as a demonstration facility. The Advanced Threat Research team can demonstrate current research and live demos to customers or prospective customers, law enforcement partners, vendors and academia.

Demonstrations in the Lab-Fixing System Flaws.

The demonstrations have shown how researchers misled deep learning image recognition software – like the kind used in autonomous driving – into thinking a sign is something other than a stop sign.

There are also demonstrations in the lab showing how researchers caught patient monitoring data. They also uncovered issues in Windows 10 machines in which Cortana permitted a third party to execute code from a lock screen. This exploit was taken to Microsoft and fixed in June.

The team either works alongside vendors who request help or works independently and takes the findings to the vendors.

At present researchers are examining potential attacks connected to autonomous driving and industrial controls. These run the country’s manufacturing facilities and infrastructure. They’re also looking at machine learning, a type of software that’s increasingly used in more services and devices.

McAfee often has an available answer for weaknesses. Sometimes they pioneer a trail on where problems are and hold vendors accountable.

McAfee and the Automotive Technology Security Industry.

McAfee is traditionally acknowledged for its work related to autonomous vehicles. The new McAfee Advanced Threat Research Lab has room for automotive research to deal with high-impact emerging threats in this area.

McAfee is part of a vivacious ecosystem delivering parts to the automotive industry including software, hardware and security processes from creation to driveway and chip to cloud.

McAfee works with the automotive technology security industries to improve the research, analytics, best practices and standards for a safe driving experience.

Computers have made meaningful contributions to vehicle performance safety and value. They have also increased connectivity, delivering many smartphone functions such as online games and entertainment, cellular data and voice functionality and web browsers. Vehicles are vulnerable to cyber attacks with in-vehicle communications and shared information.

There is a need for built-in architectural design and security solutions with automotive innovation. The goal for security products is to guarantee that the new vehicle prototype is protected and can function to its full potential in a malevolent operating environment.

Human and Machine Teams.

McAfee recognizes the importance of a combination of humans and machine in fighting cyber threats. The amount of information and threats that must be processed is bigger than humans alone can manage. The speed of machines is required to process, adapt and scale. Humans are needed too, to match and outwit the cunning of the human attackers.

Driving the rate of innovation McAfee is moving quickly to take on a multi-faceted approach known as “human-machine teaming”. This approach including the human-in-the-loop in processes and products shows a 10x increase in catching threats with a 5-fold decrease in false positives.

McAfee is developing its machine learning cyber security technology to a more complicated analytic called deep learning and artificial intelligence. Deep learning uses many levels of mathematical neurons like those present in the human brain.

Other Predictions in the McAfee Threats Predictions Report.

Ransomware Goes to New Targets – attackers will target less customary more cost-effective ransomware targets including businesses, high net-worth people and connected devices. Ransomware technologies will be applied beyond individuals to the disruption of organizations and cyber sabotage. New forms of cyber-crime business models and the growth of the cyber insurance market will be the trend.

New Opportunities for Friend and Foe – serverless apps can save time and cut costs. However, they can also increase the attack facade by introducing the susceptible transfer of data across networks, privilege escalation and application dependencies. They are also open to attacks on moving data across a network. Function expansion and deployment procedures must include the necessary security processes and traffic that is protected by VPNs or encryption.

Your Home the Ultimate Storefront – as connected devices take up space in your home, companies will want to observe what you are doing and learn more than you want to share. In 2018 McAfee suggests that there will be more examples of corporations looking for new ways to capture that data. They will believe that fines when they are caught are a business cost.

In Your Child’s Digital Backpack – Our children are probably the most susceptible in this changing world. They face an amazing future of experiences, services and gadgets. They also face immense risks to their privacy.

New Research from McAfee indicates that many parents (71%) are concerned that their children are at risk of being open to inappropriate content while gaming. Even more concerning 62% of children play games while directly communicating with other players. This increases the risk of being asked to share sensitive information or being exposed to inappropriate content. We must teach them how to pack their digital backpacks, so they benefit from the future.

Open School at the Lab.

In the Lab – Staff explained to students how a Tesla Model X is computer driven and possibly hackable and open to software bugs.

Cybersecurity Demos – An engineer demonstrated a virus found by downloading online games letting hackers read the microphone, keyboard and webcam input remotely from a person’s laptop.

Computer Science Introductions – Students were introduced to hourofcode.com. Computer science was introduced in an entertaining, non-intimidating way that allowed students to learn fundamentals while working on a chosen project.

Online Safety Training – Training was presented in the necessary steps on how to keep personal information private online while increasing awareness on the dangers of oversharing.

The field trip was an outstanding success. Students said it was a wonderful experience and they would advise a classmate or friend to participate. McAfee inspires all its sites to take part in educational community service.

McAfee’s goal is to make susceptible research a relatable and tangible concept. The team works towards shedding light on security issues that afflict nearly every industry in the world. They recognize that human-machine teaming has the tremendous capacity to give the advantage back to the defenders and the goal over the next few years is to make sure that happens. They also work closely with youth to educate them in the danger of cyber attacks. The McAfee Advanced Threat Lab has provided the environment for the Threat team to work towards these goals.