BlackBerry Optics

BlackBerry Optics brings cryptomining and cryptojacking detection to Intel PCs

BlackBerry Optics endpoint detection and response (EDR) solution automatically detects cryptojacking at the hardware level

BlackBerry has released an update to BlackBerry Optics with cryptomining and cryptojacking detection for Intel-based commercial PCs.

BlackBerry has collaborated with Intel on technology that effectively stops cryptojacking. With virtually no processor impact and easy configuration, organizations can detect and mitigate cryptojacking with greater precision and consistent results across all types of workloads executing on Windows 10 operating systems.

In BlackBerry Optics v2.5.1100, BlackBerry has integrated Intel Threat Detection Technology (TDT) driver and machine learning model into BlackBerry Optics. This advanced, AI-driven EDR solution is delivered through the BlackBerry Spark UES Suite, providing organizations with threat prevention and detection across every endpoint – fixed or mobile, inside or outside the network firewall, corporate managed or BYO.

Intel TDT is a set of security techniques adept at detecting cryptojacking malware. These techniques rely on hardware-supplied telemetry provided by Intel vPro CPUs. By monitoring performance counters, Intel TDT can detect processes that are likely mining cryptocurrencies.

Cryptojacking is the installation of malware on a device in order to hijack computing power to mine cryptocurrency without the user’s knowledge. Many cryptojacking operations will utilize small quantities of power from many different machines to create a pool of processing power.

This technique makes large corporations and businesses an ideal target for easy infection of multiple machines once access is gained.

According to a recently published report, “around 10% of organizations received (and blocked) Cryptocurrency mining malware at some point throughout the course of the year.”

“Given the cost associated with mining cryptocurrency and the payments of ransomware demands on the decline, cryptojacking becomes an attractive option for threat actors to generate revenue,” said Josh Lemos, VP, Research & Intelligence.

“With our new cryptojacking detection and response capabilities, we’re looking to make this practice a thing of the past, providing enterprises and their employees with a turn-key solution that will enable them to thwart cryptojacking attempts and ensure their software and hardware are used for their intended purposes. The days of exploiting unsuspecting users for free CPU time are over.”

Identifying a potential security issue in any environment is important, however, to protect from the fallout of a widespread incident, businesses need the ability to investigate and respond to an attack fast.

Cylance Optics

BlackBerry Optics, working with BlackBerry Protect, delivers the detection and prevention capabilities needed to stay ahead of the attackers, keeping the business secure.

With BlackBerry Protect preventing malware, malicious scripts, rogue applications, and fileless attacks from harming the business, BlackBerry Optics provides the AI-powered EDR capabilities required to keep data and businesses secure.

AI Incident Prevention

Prevent Widespread Incidents With Machine Learning. By turning the endpoint into a virtual SOC, BlackBerry Optics continuously hunts for threats without human intervention.

Automate Threat Detection

Quickly Detect and Respond. Combining static, machine learning, and custom rules to identify and block advanced threats.

Minimize Attack Surface

Learn and Improve, with Every Attack. Use attack data to improve your security posture. Close gaps in your security framework to minimize your attack surface.

Find Hidden Threats

Simplify Effective Threat Hunting. BlackBerry Optics simplifies the process of advanced threat hunting, making it accessible to every member of your team

Respond Faster

Right Size Data Collection with Relevance. BlackBerry Optics provides built-in playbook-driven incident responses that can be customized to meet your business needs.

Distributed Search Collection

Right Size Data Collection with Relevance. BlackBerry Optics employs a focused approach to data collection. It retrieves only relevant security data from endpoints.

“As hackers use more sophisticated tactics to bypass detection, it’s more important than ever to have built-in hardware security features,” said Stephanie Hallford, Intel Vice President of the Client Computing Group and General Manager of Business Client Platforms.

“Building on top of the built-for-business Intel vPro platform, enabled by Intel Hardware Shield, BlackBerry takes advantage of hardware visibility to offer advanced security protection, and we applaud them for this release.”

With BlackBerry Optics, businesses get several built-in incident investigation and response options that enable them to gather relevant information about an incident and act fast, either in automated or manual fashion.