Fujitsu today announced the development of new technology that, in response to targeted cyber-attacks on specific organizations, rapidly analyzes damage status after an attack has been detected. In the event of malware attacks, which infect organizations to cause a great deal of damage, including information leaks, it was previously necessary to analyze a range of logs on networks and devices to clarify attack status. With this newly developed technology, security incident analysis, which previously had to be entrusted to an expert and which took a great deal of time, can now be done in a short period, even by non-experts. As a result, when suffering a targeted cyber-attack, it has become possible to rapidly and comprehensively take countermeasures before the damage spreads.
In recent years there has been a sharp rise in increasingly ingenious targeted cyber-attacks that aim to steal particular information from specific organizations or individuals. After having infected an organization, attackers can remotely control their malware, causing important information to be leaked outside the organization. This results in huge damage, not only to the organization attacked but also to its partners and customers. As this sort of malware attack is extremely difficult to completely prevent, there is a pressing need for countermeasures predicated on malware intrusion. Now, by automating and improving the efficiency of the information collection components necessary for attack status analysis via network communications analysis, Fujitsu Laboratories has developed forensics technology to analyze the status of a targeted cyber-attack in a short period of time and show the whole picture at a glance.