launches solution to mitigate hardware cyberattacks

Must Read

Over 50% candidates with Hindi, regional languages clears UPSC civil service exam in 2018

In 2018, a total of 812 candidates were recommended for central civil services, among them 485 candidates were those who had chosen Hindi or other regional languages as mother tongue

Modi govt to amend IT Act to trace rogue messages on WhatsApp

The Union government said that to trace rogue messages on platforms such as WhatsApp, it has proposed to amend the Information Technology (Intermediaries Guidelines) Rules, 2011 of the IT Act, 2000
Tech Observer Desk
Tech Observer Desk
TechObserver.in covers e-governance, enterprise IT, startups, telecom and consumer electronics.

has introduced a software solution which it says will offer comprehensive mitigation of hardware-based cyberattacks. The new solution promise to mitigate and protect against manipulated peripherals, transparent network devices, and firmware vulnerabilities.

“These attacks are just the ‘tip of the iceberg’ as most remain undisclosed.”, said Yossi Appleboum, CEO of Sepio Systems Inc. “In many cases, hitting an organization is as simple as replacing a trusted peripheral with a manipulated one. For example, we discovered multiple Raspberry Pi computer modules, that include wireless connectivity, implanted in keyboards that were used for exfiltration attacks. The implant was emulating keyboard keystrokes to infect the workstation and steal data and was running undetected before Sepio’s RDM was deployed.”

In another incident, an off-the-shelf network router was used for infiltrating a Tier 1 bank. This tiny device was plugged in-line between a printer and the enterprise network, allowing covert remote access into the bank’s IT systems. Sepio’s software was able to trace this rogue device based on its physical fingerprint.

“Manipulated devices, intentionally used by insiders or socially engineered employees, are causing significant damages. We also witness an increasing number of penetrated uncontrolled supply chains that deliver infected equipment.” said Appleboum. “While companies were focused on their software cyber risks, they overlooked the threat coming from their hardware. Users can not install unregulated software on a corporate computer but can easily connect an uncontrolled hardware accessory.”

Sepio said that its solution has been deployed in over 20 mid to large banks, insurance, and telecom companies in the U.S., Singapore, Brazil, and Israel. The current install base secures over 600,000 workstations and network ports.

Rogue device cyber-attacks are rapidly growing as demonstrated by recent reports of European banks losing tens of millions of dollars after hackers implanted hardware attack tools that compromised the secured infrastructure.

- Advertisement -
avatar
1000
  Subscribe  
Notify of
- Advertisement -

Latest in TECH

Modi govt mulling to bring national level blockchain framework

While replying to question in the Lok Sabha, the Union minister of state for electronics and IT Sanjay Dhotre said that an approach paper on National Level Blockchain Framework is being prepared
- Advertisement - ESDS eNight Cloud Hosting

Related Articles