Crossword Cybersecurity Plc, the cybersecurity solutions company focused on cyber strategy and risk, has announced the completion of a project to expand the scope of its services with CCN-CERT, the Information Security Incident Response Team (CERT) of the National Cryptologic Centre in Spain (CCN), which is accountable to the Spanish National Intelligence Centre.
CCN-CERT has expanded its use of Crossword’s cloud-based breached account mining platform, Trillion, to protect its entire public administration, including its education sector. Trillion is Crossword’s breached account mining platform, which continuously tracks, correlates, and analyses billions of stolen usernames and passwords.
Protecting digital identities
Back in 2020, during the height of the COVID-19 outbreak, CCN-CERT needed to act immediately further to enhance the security position of its national health infrastructure. The head of the cybersecurity department at CCN contacted the Trillion operations team after its global offer of support to help protect digital identities within health services.
In a matter of hours, the team at CCN was given access to Trillion, every health organisation across Spain was configured in the platform, and breached credentials data was being fed back into the CERT.
Protecting a whole public administration
CCN-CERT decided that a wider scope for Trillion would provide even greater visibility of digital identities
After a period of successful operation across the health sector, CCN-CERT decided that a wider scope for Trillion would provide even greater visibility of digital identities, such as account usernames and passwords, that may have been leaked from third parties and shared for exploitation by criminals.
Crossword collaborated with the CERT to implement new features which would enable it to extend the use of Trillion to local Government departments and organisations, while still maintaining a central, national view within the CERT. At this scale, Trillion needed to be able to deliver the data both locally and nationally when it mattered.
Data monitoring
Trillion, with the new features, was rolled out over the following weeks. CCN-CERT invited hundreds of local authorities, municipalities, town halls, and central government departments to come on board using simple automated signups, which took minutes to complete.
Trillion is monitoring hundreds of organisations, and thousands of domains and reporting leaked data on hundreds of thousands of public workers across Spain.
Multi-tenanted visibility
Jon Inns, Product Director for Arc and Trillion, comments, “Protecting large, distributed organisations, such as the public sector, where many individual entities exist is one of the more challenging aspects of cyber security at scale."
"Working with CCN-CERT, we have used Trillion to create a strong layer of multi-tenanted visibility to help defend against credential misuse, while ensuring that it’s easy for organisations to participate and benefit, from universities to hospitals."
Cybersecurity
Trillion gives a central view of threats and lowers the risk of public services by credentials-based attacks"
"Trillion gives a central view of threats and lowers the risk of public services being exploited through credentials-based attacks. Crossword considers CCN-CERT a true business partner, and we learn as much from their feedback on our products as they do from our data."
"By listening closely to client's needs we are continuously enhancing Trillion to support the cybersecurity needs of organisations operating at the top of their game.”
Continuous protection against leaked credentials
Trillion is designed to support organisations of every size, from small businesses to large enterprises, Managed Service Providers, and National CERTs, with continuous tracking, correlation, and analysis of billions of stolen usernames and passwords.
It is proven to operate at scale for any organisation concerned about the potential impact of stolen credentials from third-party data breaches, and provides the following benefits:
- Massive scale: Monitoring for credentials belonging to dozens or hundreds of domains can be initialised in minutes.
- Multi-tenancy: Trillion’s architecture enables provisioning at a local level with parent or supervisor-like drill-downs for CERT teams.
- APIs: Trillion has rich APIs enabling CERT teams to integrate with existing systems to reduce analyst time.
- Privacy: Trillion enables the teams to work with the data in a safe environment without compromising the trust of the users and peers.
- Clarity: Trillion enriches data with assessments of accuracy and impact, saving valuable analysis cycles.
- Instant on: Automated user enrolment and in-application configuration means users can start protecting even the largest environments, fast.