With the recent cyberattacks at The Home Depot, Target, JP Morgan Chase, and now Kmart (division of Sears), one has to wonder whether the hackers have the edge in this ongoing cyberwar. Newsflash: in many ways, they do. Every day that goes by makes it easier and less expensive for bad guys to mount attacks that only a few years ago were prohibitively expensive.
And the good guys? It’s getting increasingly difficult and costly to protect even the most basic technology from a burgeoning throng of shady characters, each using a tool belt brimming with sophisticated, easily obtainable hacking tools.
As a result, when a new approach to securing Internet communications comes along that promises to shift this balance of power back to the good guys, it’s important to pay attention.
With offices in Georgia and Virginia, Dispersive Technologies has taken a page out of military communications security and applied it to the Internet in spectacular fashion. Their novel cybersecurity approach increases the degree of difficulty that even the most determined Black Hat hacker must face in order to mount an attack. What they offer their customers today, however, isn’t the most important part of their story. The real win here is Dispersive’s long-term ability to stay several steps ahead of hackers, even as the malefactors inevitably improve their own techniques.
Targeting the Man in the Middle
Dispersive Technologies blocks Man-in-the-Middle (MiM) attacks, a common arrow in the hacker’s quiver. According to Wikipedia, MiM is a form of eavesdropping where the attacker makes independent connections with the victims on either end and relays messages between them, making them believe that they are talking directly to each other over a private connection, when in fact the entire conversation is controlled by the attacker. “The man-in-the-middle attack is tough, and encryption is the key defense,” according to Robert Twitchell, CEO at Dispersive Networks. “The problem is that with today’s parallel processing power, all encryption is easy to crack.”
Furthermore, encryption-based MiM prevention technologies like SSL (secure sockets layer, now called TLS, or transport layer security) and virtual private networks (VPNs) are point-to-point, while today’s complex digital world requires secure end-to-end communications, where traffic might cross many intermediate nodes – all of which become weak points ripe for MiM attacks. “MiM attacks can be mounted just by figuring out the SSL or VPN termination point,” says Jothy Rosenberg, technical director for cybersecurity research at defense contractor BAE Systems. Furthermore, “You fix the whole thing with Dispersive by going end-to-end,” according to Rosenberg.
Read the entire article at http://www.forbes.com/sites/jasonbloomberg/2014/10/16/cybersecurity-turning-the-tide-on-hackers-with-dispersive-technologies/.
Intellyx advises companies on their digital transformation initiatives and helps vendors communicate their agility stories. As of the time of writing, none of the companies mentioned in this article are Intellyx customers. Photo credit: PhotosNormandie.
Nice read! I fully agree with the approach we embrace devops culture and also keep the legacy systems working and developing policies and procedure to keep those SILOs in check and also comply with IT policies based on solid framework.