MITRE has announced new assessments of how well commercial cybersecurity products protect software and technology against the threat posed by the hacking groups commonly known as Carbanak and FIN7, the company reported on Friday.
“During the previous evaluations, vendors would note when they believed a protection would have prevented the execution of specific evaluated behaviors. By extending the offering to include protections, the evaluations will be able to definitively say whether this was the case,” said Frank Duff, the ATT&CK Evaluations lead.
The hacking groups, Carbanak and FIN7, have compromised financial service and hospitality organizations through the use of sophisticated malware and techniques. Over the past five years, the groups have stolen more than $1 billion across hundreds of businesses.
MITRE’s ATT&CK, a knowledge base of adversary tactics, techniques, and procedures that is based on published threat reporting, has been used by cybersecurity experts within the finance, healthcare, energy, manufacturing, retail, and government sectors to detail adversary behavior and tradecraft.
The company’s current evaluation set will assess products’ detection rate for the tactics and techniques used by the adversary groups. It will use a curated methodology and output data to inform organizations, and will provide individual analysis and interpretation to prevent attacks.
“We’ve heard from companies that have incorporated data from the first evaluations into their purchasing decisions that doing so has enabled them to make better informed decisions faster and at a far lower cost – up to 10 times less than they would have spent evaluating the products entirely on their own,” Duff said. “We’ve worked to make our results more self-explanatory, so that consumers can make decisions even more easily and effectively.”
The detection evaluations will be publicly released, giving the users and potential users of these tools clear insights into performance. This evaluation will also mark the first time that vendors can sign up for an optional extension to their detection evaluation that will exercise their protections related to ATT&CK techniques.
MITRE’s mission-driven teams are dedicated to solving problems for a safer world. Through our public-private partnerships and federally funded R&D centers, we work across government and in partnership with industry to tackle challenges to the safety, stability, and well-being of our nation.