We are pleased to announce that Sophos is participating in the 2020 MITRE Engenuity ATT&CK Evaluations for Enterprise Carbanak and FIN7 evaluation with Sophos Intercept X.
The evaluation tests the detection capabilities of endpoint protection and endpoint detection and response (EDR) solutions. The 2020 test utilizes techniques common to the Carbanak and FIN7 threat groups.
These groups carry a firm reputation of utilizing innovative tradecraft. Efficient espionage and stealth are at the forefront of their strategy, as they often rely heavily on scripting, obfuscation, “hiding in plain sight,” and fully exploiting the users behind the machine while pillaging an environment. They also leverage a unique spectrum of operational utilities, spanning both sophisticated malware as well as legitimate administration tools capable of interacting with various platforms (Windows and Linux, including point-of-sale specific technologies).
This year an optional Protections scenario is also available as part of testing, which Sophos has also chosen to participate in. MITRE Engenuity expects the results and methodology to be available early in 2021.