McAfee Labs Advanced Threat Research

Security vulnerabilities to drive mitigations and the development of more secure technology

What we do

At McAfee Labs Advanced Threat Research (ATR), our goal is to identify and illuminate a broad spectrum of threats in today's complex and constantly evolving landscape. Our best-of-breed research team leverages a wide range of unique skills and talents to address this challenge. ATR researchers are responsible for leading-edge research in nearly every vertical of threat, including those targeting specific industries such as banking, retail, medical, academic, industrial controls, and many more. We process a variety of malicious content from McAfee's extensive endpoints, allowing us to track global malware campaigns as well as the nation-states and malicious actors behind them. ATR also invests heavily in vulnerability research, working to find and publicly report critical vulnerabilities in the world's most ubiquitous hardware and software.

The threat landscape

In this interview with Information Security Media Group, Raj Samani, chief scientist and McAfee Fellow, and Steve Povolny, head of the Advanced Threat Research group, discuss threat trends, campaigns, and attackers.

Watch Video

Research focus

The ATR team continually conducts leading-edge research into the threats that impact a variety of industries. Below are a few of the key areas we are currently focused on. They will be updated as new research is released.

 

Automotive

Autonomous and connected vehicles demonstrate a nascent but rapidly growing target for threat actors. Vehicle-to-X (V2X) communication—with vehicles connecting to each other, surrounding infrastructure, pedestrians, the cloud, and personal devices—provides many new capabilities and new security responsibilities. ATR investigates the attack surfaces in autonomous vehicles as well as the machine learning algorithms and physical-to-digital attacks related to them.

SCADA and industrial control systems

Multiple threats and attacks over the past few years have proven that industrial control systems are a growing target for malicious actors with numerous potentially dangerous outcomes. ATR is currently investigating multiple areas of SCADA and ICS implementations, including human machine interface (HMI) software, programmable logic controllers (PLCs), and network protocols common to this vertical, such as MODBUS, ICCP, DNP3, and others.

Healthcare and medical devices

The digital transformation in the healthcare industry is truly unlike any other industry. The rapid advancement and innovation—from medical devices and surgical advances to patient management and care—brings new opportunities that can help improve lives, but potential security issues can literally have life and death implications. Our research explores medical devices, networks, protocols, and security practices within the industry to help healthcare organizations continue to innovate securely.

Software-defined radio

In this internet of things (IoT) world where just about everything is talking to something, the secure transmission of data is critical. If basic encryption and authentication are not used, protocols such as wireless networking, Bluetooth, baseband, broadband, and radio can be sniffed, reverse engineered, and potentially compromised. Our research looks at radio frequency, including near-field-communications (NFC and RFID), and wireless transmissions to determine potential impacts to network and proximity devices.

News & events

Check out the ATR team in the news and at various security conferences around the world.

 

Upcoming Conferences

MPOWER
October 16–18, 2018, Las Vegas
October 30, Sydney
November 8, Tokyo
November 28–29, Rome
Register Now >


RSA 2019
March 4–8, 2019, San Francisco Register Now >

 

Media Coverage

Our blogs

View All