Carbon Black has announced the company’s endpoint detection and response (EDR) solution, Cb Response, was leveraged during the prosecution and impeachment of former South Korean President Park Geun-hye.
Through a partnership with Korean security partner, Naru Security Inc., Carbon Black collaborated with the special prosecutor’s office to provide end-to-end endpoint monitoring with Cb Response, defending the office from targeted cyber attacks.
Park, the first woman to be elected as president of South Korea, was impeached in December and officially stripped of power in March. She was recently indicted on bribery, extortion, abuse of power and other high-profile corruption charges. Former human rights attorney and student activist, Moon Jae-in, was elected as Park’s replacement on May 9.
“Park’s impeachment was a global affair being tracked by millions of news consumers,” said Kane Lightowler, Carbon Black’s managing director, Asia Pacific. “Given how high profile this case was, there were many risks to the special prosecutor’s office. There was concern that Park’s supporters might attempt to delete or taint evidence and the risk of other cyberattackers hoping to profit by leaking the latest evidence to the media. By leveraging Cb Response, Naru Security gained valuable insight into nefarious endpoint activity and kept the prosecutor's office safe during an unsettling time. Increasingly, governments and political organizations around the world are turning to Carbon Black to protect their most sensitive information.”
From December through February, Naru Security deployed Cb Response across all of the special prosecutor’s office’s endpoints and integrated Cb Response with the network solution ConnecTome to collect data and visualize it end-to-end. Cb Response identified and confirmed numerous malicious activities on the office’s endpoints, stopping the potential destruction of critical trial evidence.
“In the early stages of monitoring, we identified malicious activities via ConnecTome and pinpointed the process and MD5 with Cb Response,” said Joon Kim, Naru Security’s CEO. “Moreover, unknown attempted data exfiltration was identified by Cb Response. Carbon Black offered valuable insight during a time of great political unrest in South Korea.”