Home - Article

Featured Article

February 01, 2020

NEC Confirms Zero-Day Security Breach; How it Might Have Been Prevented


While there is no way to be 100% certain that your systems are impenetrable by hackers, here at Apex Technology Services, we believe companies should see each breach as a learning experience. NEC had a security breach in 2016 thanks to a zero-day exploit.

The company decided to keep the exploit quiet for many years.

What is a zero-day exploit? Basically, some software on the Japanese conglomerate’s servers and/or computers had an exploit which the company and software provider were likely not aware of.

NEC said it managed to decrypt this traffic in July 2018. According to its investigations, the decrypted traffic revealed that the attacker exfiltrated 27,445 files from its defense business division. 

The case added to concerns about Japan's cybersecurity, following a similar attack on Mitsubishi Electric Corp., which admitted this month that some classified information was leaked. The company is also a key player in the country's defense and infrastructure industries.

As we said at the start – it is not always possible to know when such a software vulnerability is being exploited – it is however possible to use anomaly detection software and a 24x7 security operations center or SOC to better the odds of defending against the hackers. The software looks for anomalous behavior on the network. For example, a large amount of encrypted data being sent to a country which rarely or never gets traffic sent to it. At this point, the SOC is alerted and can take action to hopefully block or stop the hack in its tracks.

There are many factors here to take into consideration. If the hackers are very crafty, they will try to disguise their traffic to not be detected. In addition, although state-of-the-art anomaly detection software uses AI, it is dependent on programmers to ensure the algorithms can truly detect potentially malicious traffic.

Then there is the issue of false alarms – ensuring only the highly questionable traffic is flagged. If not, the SOC workers will quickly reach alert fatigue, meaning they might not spot the real threats quickly.

What sort of organization can benefit from anomaly detection? Any that has a business it needs to protect. Government agencies, medical companies, finance, insurance and any with intellectual property or customer data it needs to protect.

For IT service, cybersecurity and tech support in Manhattan, New York, Connecticut and beyond, contact 5-star and award-winning Apex Technology Services and keep your organization protected.





Apex Technology Services
Choose from comprehensive, affordable solutions for IT consulting, network services and computer help desk support in Fairfield county including Norwalk, Darien, Stamford, Greenwich, Ridgefield and Bridgeport. Also Westchester county including Rye, New Rochelle, White Plains, Yonkers and New York including Manhattan and the five boroughs.
IT SERVICES

IT SERVICES

Apex Technology Services is a cutting edge MSP offering quality IT support to financial, medical, legal, Fortune 500 and government agencies while adhering to the highest of quality...

LEARN MORE
CYBERSECURITY Services

CYBERSECURITY

Apex Technology Services has the cybersecurity expertise to help your business in a world filled with attackers looking to shut down your business hold it ransom or steal your valuable...

LEARN MORE
CLOUD SERVICES

CLOUD SERVICES

Apex Technology Services delivers a combination of traditional IT functions such as infrastructure as a service (IaaS), applications, software, security, monitoring, storage...

LEARN MORE

Ranked Top 10 Network security Solution Provider

One Stop Shop For All Your Technology Needs


Contact us Now!