“Hackers know where their bread is buttered, so they now attack remotely.”

Shahar Daniel, CEO of the information security company Safe-T
Shahar Daniel, CEO of the information security company Safe-T

COVID-19 has accelerated the transition to WFH (work from home) or remotely, and greatly increased organizations' exposure to cyber attacks at their most vulnerable point - the remote connection to computer systems. Safe-T offers a solution that doesn't require replacing existing VPNs

|
דצמבר 2020
|
טכנולוגיה

Do you check that your doors are locked at night before you go to bed? Your answer to this question is most likely to be “Yes.” After all, you own items of value, be it monetary or sentimental, and they need to be kept secure. But have you considered the computerized systems of your company or organization? Before you turn out the lights and curl up under the covers, do you make sure all computerized systems and data are protected from a break-in? We can presume that the information contained in your company or organization’s system is worth millions of dollars, or even more, but the chances of it being safe from theft are unlikely.

“I like comparing the physical and virtual worlds,” says Shachar Daniel, CEO of information security company, Safe-T, which develops technologies for secure remote access solutions, based on the Zero Trust and Identity Awareness models. We are all aware of the potential damage caused due to a home burglary. Or at the airport for that matter: Multi-system damage can begin with little hacks, which can ultimately result in danger to human life. In the virtual world, we don’t sense the kind of danger to our physical being, so it is more difficult to comprehend, however, it exists. Anyone who’s been witness to a break-in on their shift, would say, ”An person who is unfamiliar could never understand.”

“A business, or any other organization subject to a cyber-attack, can be exposed to various levels of damage. First and foremost, there is the risk of all activity coming to a complete halt as a result. It’s a strike that can accumulate a cost of millions of dollars’ worth of damage, possibly more, depending on the size of the business. For over 30 years, more or less, organizations have been relying on outdated methods for VPN access, and firewall and identification using OTP, which is sent to the user’s mobile phone to authorize a remote connection. Gone are the days when these methods held water. Statistics show that more than 80% of security violations stem from identity and password theft. The target of the attackers has changed; there fore the organization needs to change its goal and focus more on the security of the user and prevention of identity theft.

 “However, beyond that lurks an even greater danger: one that threatens the company’s reputation. In certain cases, the business can beutterly destroyed, or it can cost billions of dollars in damage. Take the example of Yahoo, whose takeover bid was $350 million dollars less than the original price on the deal, after it had faced a huge data breach. In addition, a company that contains confidential information and suffers a theft, can expect to face huge lawsuits from its clients.”

An example from the Safe-T system | Photos courtesy of Safe-T

What are an organization’s weak points with respect to information security?

“We have engaged in the field for several years already, and our experience is that many organizations are mostly business-focused. Accordingly, any investment that is not related to the core-purpose of the business, any expenditure that does not yield ROI, is reduced as much as possible. There are well-known, respectable organizations, which employ students part-time as their information security managers. This is a practice that would never take place in their sales department, for example, since that department undergoes an assessment by the CEO at the end of the year. They therefore land up in a situation where their areas at risk are not managed properly.

“It’s a real problem, because the cyber world is insane. A burglar that breaks into your house may not necessarily be the most intelligent of people. However, in the cyber world, there are no limits to the sophistication and intelligence of hackers; they are constantly reinventing themselves, and bringing new threats to the victim. No business or organization should ever have a moment’s peace as long as they have insufficient protection, which renders them still at risk. An organization that is not open to innovation and relies on outdated solutions, as they feel it is enough for the time being, or perhaps they’re simply not concerned since it has posed no problems to date, is exposing itself to new attackers. What protected them yesterday, can no longer protect them tomorrow.

“Another issue is the lack of discipline or understanding on the part of the employees, who are unaware of the risks posed to the information security. Attacks begin once an employee fails to follow procedure, which enables hostile parties to infiltrate the organization. Over and above all this, organizations, especially large ones, use numerous information systems, as well as defense systems, where everyone communicates with each other. Occasionally there are glitches that develop, and the hackers know how to locate them in order to infiltrate the systems.”

COVID-19 has facilitated in accelerating the transition from the work place to home, which has also exacerbated the security issue. What is your approach to resolving the problem?

 “Even before COVID-19, we observed that the world was changing, and once the pandemic is over, it won’t be the same as before. We have overcome our limits. Once people would wake up in the morning, go to work, and sit at their desk behind a closed office door. Now they work from every location possible: airports, coffee shops, remote areas. The current solutions for remote security access are not answerable to the multitude of cyber threats we see today. Hackers know where their bread is buttered, and indeed, most attacks are targeted at remote connections.”

“Some companies offer to replace the entire VPN array. It is updated and made more secure. We have such a product. However, we understand that this arrangement is not a simple one, certainly not for a large organization that has been working with a specific system for over 20 years, which runs all its applications. We therefore have a different solution: Nothing needs replacing. The existing VPN infrastructure remains intact and we secure it according to a simple principle: We separate the place of employee identification authorization and access to the organization itself, and we enable the identification and authorization of the user by means of what we call multi-factor continuous authentication.

That is, we may have a user who for now identifies himself only once at the time of connection via a one- time password (OTP), which gets sent to his mobile phone, following which he is able to connect freely at any time to a predefined space in the organization. With Zone Zero™, a Safe-T technology, he will be required to use a strong identity authentication using multi-factor authentication (MFA), via his mobile phone or by means of a biometric device. This will be authenticated anew, each time he attempts to connect to any of the organization’s services.

“If we go back to the physical world – let’s say someone needs access to a very sensitive security facility. I won’t supply him with the address immediately, but will send him somewhere else, and only once I have absolutely and positively confirmed his identity, will I direct him – but only to the room he needs to get to, so that he can’t go anywhere in the whole facility. In our context, access will be given only to the specific application to be utilized by the employee, instead of providing him access to the entire system, including areas containing classified or sensitive information.

Daniel concludes, “We have a state-of-the-art solution which has already been implemented in elite intelligence units. Its uniqueness is reflected by the fact that even after an employee has gained access, from our standpoint, the danger still exists, and we therefore continue affirming that he indeed is the person with the correct authorization. This occurs each time he attempts to access sensitive information. The solution of multi-step identification as opposed to applications and existing database services, provides a complete alternative for a secure remote connection – even with the existing VPN. It allows us to continue preventing insider threats throughout the procedure, and to minimize vulnerability that is liable to occur due to human error.”

יש לכם רעיון למגזין משלכם? צרו קשר