What do you do if hidden hardware devices such as ones attached surreptitiously behind ATM machines, or algorithms embedded in USB charging cables contain malware that may compromise your organisation’s security? On the other hand, what can you do if “supposedly safe” files such as pdf documents contain code to infect your critical systems? Are there any solutions that specifically address these new threats?
There are, now, from two Israeli cybersecurity startups: Sepio Systems and ReSec Technologies. Sepio is disrupting the cybersecurity industry by uncovering hidden hardware attacks. “Bad actors are gaining access by implanting rogue hardware,” says Mr Bentsi Ben-Atar, Sepio’s co-founder and CMO. “Sepio’s RDM (Rogue Device Mitigation) solution can stop these attacks before they do any damage.”
ReSec specialises in CDR (Content Disarm & Reconstruction) technology, which has roots in the military cyber-defense industry. The ReSec CDR platform processes all files, analyses the content structure and rebuilds a duplicate file with no loss of functionality. “The CDR isolates suspicious elements and guarantees that all users receive clean and sanitized content, attachments and downloads,” says Mr Tal Yatsiv, ReSec’s executive chairman. “The original content is stored safely outside the network for future reference or analysis.”
The two companies presented their innovative solutions on Sep 23 to a delegation of 20 CIOs and CISOs from Singapore government and MNCs on a study mission to Israel organised by the CIO Academy Asia. Mr Rami Efrati, Israel’s former head of the Civilian Division of the Israel National Cyber Bureau in the Prime Minister’s Office is an advisor to both firms. “Organisations worldwide are locked in a losing battle against malware threats,” Mr Efrati says. “That’s why conventional anti-malware methods are no longer effective for the enterprise.”
General (Retd) Efrati has served in the Israel Defence Forces for more than 28 years where he commanded operational and technological positions in military intelligence, and was conferred the Creative Thinking Award from the Director of Military Intelligence. He was in Singapore in early September to speak at the TechLawFest which was inaugurated by Mr K Shanmugam, Minister for Home Affairs and Minister for Law. Sir Tim Berners-Lee, inventor of the world wide web delivered the keynote.
Sepio’s solution has been deployed in 20 mid-to-large banks, insurance and telecom companies in Singapore, Brazil, Israel, and the US. The current installed base secures 600,000 workstations and network ports. “Rogue device cyber-attacks are rapidly growing as demonstrated by reports of banks losing tens of millions of dollars after hackers implanted hardware attack tools that compromised the secured infrastructure,” Mr Bentsi says.
These attacks are just the tip of the iceberg as most remain undisclosed. In many cases, hitting an organisation is as simple as replacing a trusted peripheral with a manipulated one. In one incident, an off-the-shelf network router was used for infiltrating a Tier 1 bank. This tiny device was plugged in-line between a printer and the enterprise network, allowing covert remote access into the bank’s IT systems. Sepio’s software was able to trace this rogue device based on its physical fingerprint.
As for ReSec, its platform can be deployed within a company’s network as an on-premise solution without open access to the Internet, or on a private or public cloud. “Our cluster-based virtual server solution includes dynamic load balancing to ensure there is never a single point of failure,” Mr Yatsiv says. “Each installation is highly scaleable to handle hundreds of thousands of email users, high volume FTP and file transfer, and thousands of endpoints. A small number of servers can process the traffic and capacity of very large organisations.”
The CIOAA study mission, called ABC (AI, Big data, Cloud) comprises CIOs, CTOs and CISOs from government agencies, insurance companies and other large enterprises and will visit companies and government agencies in Tel Aviv, Be’er Sheva and Jerusalem.
“CIOAA brings together a community of technology and business leaders from across Asia,” CIOAA’s CEO Mr P Ramakrishna says. “We actively engage our community in thought-leadership programs and initiatives to create mindshare, share global best practices and highlight use-cases that will enable better outcomes for digital transformation for organisations from different industries.
Raju Chellam, Senior Advisor, CIO Academy Asia