Many Cyber Security Startups are Failing

2017 was the year that had a lot of hacking headlines. The Equifax outbreak was one of the most critical ones. These cyber-attacks deterred many security startups. The timing of the situation is strange as the amount of cyber attacks should pave the way for many cyber security startups (Cyber security start-ups fall on hard times). Some of the reasons are that they are struggling against advanced hackers along with bigger companies developing same technology (Cybersecurity Startups Struggle). In the crowded market, a lot of them are failing to live up on their promises on how good the security is. The situation was very uncommon that David Cowman, a partner at Bessemer Venture Partners, mentioned that he has never seen such a fast-growing market with so many companies on the losing side. The cyber security industry is driven on the belief that there is no end in sight to cyber attacks or companies’ need to protect themselves (Baker).

Even then, only a handful of startups succeeded. The failed startups have become “corporate zombies” due to their inability of fetching a good price in an initial public offering or becoming acquisition targets according to some experts. These startups failed also because their inability to adapt to the evolving technology behind cyber attacks. Some companies tackle this problem by consolidating their security work, using just a few large players rather than spreading business around (Baker). This also saves money and a lot of trouble.

-Anil Adharapurapu

Sources:

https://www.pymnts.com/startups/2018/cybersecurity-startups-ipo-cybercrime-cyberattacks/

https://www.itnews.com.au/news/cyber-security-start-ups-fall-on-hard-times-481445

https://www.reuters.com/article/us-cybersecurity-startups-analysis/under-threat-cyber-security-startups-fall-on-harder-times-idUSKBN1F62RW

Advertisements

RSA Key Factorization Attack

Following the revelation of the KRACK WPA2 vulnerability,  another widespread vulnerability, dubbed ROCA, appeared affecting millions of devices running Infineon Technology’s Trusted Platform Module chips.

Cryptographic RSA pairs generated on Infineon’s TPM are vulnerable to a factorization attack. It allows attackers to reverse-calculate someone’s private key based solely off of their public key. The risks of this vulnerability are that the attacker can impersonate the key owner, decrypt the user’s data protected by this key, injecting malware into signed software, etc.

Major vendors including Infineon, Google, and Microsoft have already released the software updates for affected hardware and software as well as guidelines for mitigation of the vulnerability.

End users are encouraged to patch their affected devices as soon as possible.

– Matthew Turi

Sources

https://thehackernews.com/2017/10/rsa-encryption-keys.html

The Hard Apple: Why It’s Difficult to Acquire Malware on a Mac

It always seems like there is a new virus, new malware, new adware, that happens to pop up on a computer running Windows. But why do we not here about this happening on a Mac? The answer is hidden under the operating system, tracing it to it’s roots, along with the attacker’s target audience.

Apple Mac computers are a Unix based operating system. Unix is normally a very secure operating system with their own built in features. Along with this, Apple has added its own type of security features along with this. One of these features is called Gatekeeper. Gatekeeper blocks any software than hasn’t been digitally signed and approved by Apple. A second feature  used by Mac’s is known as the act of Sandboxing. The process involves the checking of applications to confirm that they are only doing what they’re supposed to be doing. Sandboxing also isolates the applications from system components and other parts of the computer that do not have anything to do with the app’s initial designed purpose. The final security that is used by Apple is called FileVault2, which is a simple file management system that encrypts all of the files on the Mac computers. These embedded securities created by Apple help to create a more secure system for their users.

Normally, it would be thought that Mac users would be an easy group to target, but based on recent data, it is seen by most attackers that the amount of people present in the Apple community is not worth the overall effort of making a virus or malware that can be successful for passing through all of the Apple security obstacles. The reason why there are very limited viruses/malware for Mac devices, is because the attackers have a greater and easier target audience for Windows users.

Regardless of the very few amount of Mac related viruses and malware, there have still been instances of them occurring. In just 2017, there has been a 230% increase in Mac malware. An example of this is the OSX/Dok malware. OSX/Dok occurred in April 2017 and was a trojan that would hijack all incoming and outgoing traffic with the Mac computer. The trojan was signed with a valid certificate from Apple, meaning that the hackers could have used a legitimate developers account to initialize this attack. Another attack that took place in February of 2017 was called MacDownloader. This adware would display to a user as a free update for the Adobe Flash Player. When the installer ran, the program would prompt the user that there is adware on the Mac and would prompt for the system password. This would then begin the process of transmitting data (ie. usernames, passwords, etc.) to a remote server. The final example of successful Mac malware would be one called Safari-Get. Happening in November of 2016, this was a type of social engineering that involved sending out links through emails and the link either opening multiple iTunes windows, or multiple draft emails (just depending on the Mac operating system version). This would cause the system to freeze or cause a memory overload and force a shutdown.

Regardless of the lack of effort put forth by attackers towards Mac users, there still should be some safety concern for users. This can be made easily by updating applications and being careful when clicking links or even opening certain files.

-Ryan Keihm

Sources

Do Macs get viruses, and do Macs need antivirus software?

16 Apple Security Advances to Take Note of in 2016

Volkswagen establishes new cyber security company called CyMotive Technologies.

Last week on the 14th of September, Volkswagen had announced that they have formed a new corporation called CyMotive Technologies with the goal of helping to insure that smart cars and self driving cars can be protected from attacks by hackers, who could otherwise potentially threaten the lives of both the passengers of the car and the surrounding pedestrians.

volkswagen-emblemThis company is being co-owned by Yuval Diskin, ex-head of Israel’s Shin Bet Intelligence Agency, along with two other of his colleagues.  Diskin has been a consultant in the cyber security community since he left Shin Bat in 2011, also apparently having worked with Volkswagen for about half a decade before CyMotive was launched.

This is no doubt in response to concerns of safety in a more connected vehicle.  As more and more systems become electronic and hackable, the worry of what a hacker can do to a vehicle remotely have also increased.  This need for security will only increase as we start to see companies making self driving cars, which if hacked could be a massive danger to those on the road.

As it stands CyMotive will be only working with Volkswagen, though perhaps over time it might either offer its services to other automotive companies or inspire similar firms to be developed.

Original Article: http://www.reuters.com/article/us-volkswagen-cyber-israel-idUSKCN11K1DA

-jes5746

iPhone Passcode Hack

Just a few days ago, Dr Sergei Skorobogatov, who works at the University of Cambridge laboratory, was able to develop a method to crack an unknown pin code on an iPhone 5c.  He did it by removing the Nand chip, which is the main memory of the phone, studying how it communicated with the phone and successfully cloning it.

The purpose of this is to allow for an unlimited number of passcode attempts as usually an iPhone will lock up after a few incorrect tries. This directly contradicts a claim by the FBI that this method (called Name mirroring) would not work during the time they were attempting to access San Bernardino gunman Syed Rizwan Farook’s iPhone 5c.

Dr Skorobogatov made a YouTube video demonstrating his method of removing and replacing the Nand chip and the successful reset of the passcode lockout counter.

Using this method, he was able to crack a 4 digit code in about 40 hours and a 6 digit code could take hundreds of hours. In order to crack newer phones, Dr Skorobogatov said more information was needed about how Apple stored data in memory and he would need a more sophisticated set-up to extract the memory chip.

Apple has not responded to this yet.

Link to original article: http://www.bbc.com/news/technology-37407047