Group-IB: Paving the Way in Cyber Investigation, Prevention, and Response with End-to-End Cybersecurity Solutions and Services

TL;DR: Group-IB is a Singapore-based company that specializes in prevention and investigation of cyberattacks on a mission to monitor, identify, and prevent online threats. The organization’s suite of advanced software and hardware products was built on a foundation of 16 years of experience with cyber investigations and digital forensics. Whether it’s helping companies protect the reputation of their brands or leveraging research to stay one step ahead of threat actors, Group-IB is working to make the internet a safer place.

For more than a decade, employers and researchers have issued warnings regarding a persistent shortage in tech skills. By next year, an estimated 1.4 million computing jobs will be available in America, with only 400,000 college graduates ready to fill them.

If you think that statistic reflects a massive problem, brace yourself: It’s about to get worse. Recent studies predict that the skills deficit will extend to 85 million workers around the globe by 2030.

Tech talent scarcity is perhaps most alarming when you consider its implications on the cybersecurity industry. In Europe, for example, more than 50% of all businesses and charities face a technical cybersecurity skills gap, leaving them vulnerable to an increasingly malicious online environment.


Group-IB is a global leader in threat hunting and intelligence.

The good news? Organizations such as Group-IB are using the power of technology to help close these gaps. The company’s Threat Hunting Framework, for example, merges managed detection and response with automated external threat hunting.

“The technology was actually developed to help our analysts conduct threat hunts against different bad actors,” said Nicholas Palmer, Head of International Business at Group-IB. “We had been using that technology internally for three years before we realized that it could bring new capabilities and efficiencies to security operations centers around the world.”

As a leading provider of high fidelity threat intelligence, Group-IB also provides a broad range of prevention, response, and investigation products and services, from threat intelligence and detection to IP and brand protection solutions. Ultimately, Group-IB is on a mission to protect clients online via innovative solutions.

Wielding 16 Years of Experience in Threat Hunting and Intelligence

Group-IB was launched in 2003 by Founder Ilya Sachkov and a group of students from Bauman Moscow State Technical University and initially specialized in cyber investigations. Sixteen years later, the company is headquartered in Singapore and makes no secret of its plans to expand further globally.

“Sixteen years ago, it was difficult, at best, to manage security incidents,” Nicholas said. “Banks and other types of companies needed to be able to call someone to come in, remediate the network, and give advice on future steps.”

Group-IB filled that void, establishing a major digital forensics laboratory by 2010 and the Computer Emergency Response Team (CERT-GIB) by 2011, which, since then, has been immediately containing cyber threats — from network intrusions and malware infections to data leaks and online fraud — no matter when and where they occur and who is involved.

“As a company that provides incident response services, among other things, you start to collect a lot of information about threats and threat actors,” Nicholas said. “The company branched off, started to provide investigative services, and strengthened its relationship with both local and international law enforcement.”

It then used its forensics and investigative experience to develop products that would predict and prevent future attacks from happening. Today, Group-IB is also an official partner of Europol, a member of the World Economic Forum, and recommended by the Organization for Security and Co-operation in Europe (OSCE). Gartner, IDC, and Forrester recognize the company’s products.

Group-IB is made up of talented specialists in several fields, from malware analysis to forensics, anti-fraud, and cyber threat intelligence. Its client base includes banks, financial institutions, software and hardware vendors, telecommunications service providers, oil and gas companies, and Fast-Moving Consumer Goods (FMCG) brands from Argentina, Australia, Brazil, Canada, Ecuador, Lebanon, Russia, the U.K., and the U.S.

Avoid Costly Reputational Damage with Robust Brand Protection

Today’s businesses must keep sensitive data safe from malicious actors or run the risk of financial and reputational ruin. Many scammers are eager to make a profit off brands that are known and trusted by cloning reputable sites, entering into fraudulent contracts, and launching fake promotions.

In industries such as retail, manufacturing, air travel, and cryptocurrency, an attack can result in the direct loss of several million dollars. Fraudsters also undermine the brand’s reputation, eroding trust and leading to an indirect loss of customers.

According to the Group-IB site, fraudsters leverage a variety of methods to exploit brands. For example, they may create a fraudulent website, tricking customers into providing sensitive data and making payments. They could also make fake social media groups to gain access to customer information. Or, they could create malicious mobile apps using an established company’s branding to distribute malware. All of these methods abuse brands by providing a negative customer experience.

Group-IB’s goal is to protect brands from the ever-expanding pool of online threats with continuous automated monitoring of over 3 million network resources. For this purpose, the company created its Brand Protection team. Rather than merely identifying violations, the technology exposes the attacker’s entire infrastructure, wiping out the source of the fraud.

The organization can typically determine the type of response required and block fraudulent sites in just 30 minutes. If that approach fails, Group-IB will leverage its relationships with top-level registrars, hosting providers, and Internet Service Providers.

“If brands don’t have access to that knowledge, they are quite frankly sitting ducks when it comes to threat actors who know how to bypass the most advanced technology on the market and conduct attacks at their will,” Nicholas said. “The tools and knowledge we have translate into being able to support our customers, both from a product and a service perspective.”

Nicholas said that Group-IB also works to protect brands in terms of intellectual property by blocking the distribution of counterfeit products on the internet. To safeguard digital content, the organization uses an anti-piracy solution that monitors more than 100,000 resources, from torrent trackers to platforms on the Deep Web.

Using Research to Stay One Step Ahead of Online Criminals

When it comes to ongoing development, Nicholas said feedback from customers around the world is paramount to the small adjustments the team makes, while the combination of internal research and firsthand knowledge of cybercrime largely shapes new product releases, such as TDS Huntbox.

“Our ability to research cybercrime and cybercriminals is among the best in the industry,” Nicholas said. “Of course, we leverage big data and artificial intelligence in our products, but our 16 years of experience and accumulated knowledge is really what makes Group-IB stand out.”


The Group-IB team consists of specialists in a range of fields, from malware analysis to compliance.

According to Nicholas, the team’s hands-on experience in incident response and investigations helps the company continuously deploy new solutions to protect users from online threats. “Our visibility into cybercrime and cybercriminals goes directly into the development of our products,” he said.

In addition to Group-IB’s Threat Hunting Framework, Nicholas said Group-IB is proud of developments such as Secure Bank, a client-side fraud and attack prevention tool that allows banks to help detect threats across sessions, platforms, and devices; and Secure Portal, which provides personal fraud protection and data security for ecommerce, websites, and subscription services.

Introducing Group-IB’s New Global Headquarters in Singapore

In June, Group-IB announced that the company had officially set up its brand-new global headquarters in Singapore, where it will help local businesses and talent battle online crime.

“A crucial element of our strategy is to work hand in hand with leading universities in Singapore to develop highly skilled cybersecurity experts through joint educational programs and training courses with leading Singaporean schools,” Nicholas said in a press release. “Group-IB has recently signed an MoU with Singapore’s Institute of Technical Education (ITE), a principal provider of technical education in Singapore, under which the two parties plan to provide students with a strong theoretical base and practical training in unique learning environments within various cybersecurity fields.”

“We expect to roll out local offices in other regions as well — it’s all about supporting our clients,” Nicholas told us.

Christine Preusler
