Feeds

Cyber-security startup to flash major Android soft spots at RSA

Ex-McAfee bods grab $26m to take on hackers

Choosing a cloud hosting partner with confidence

Three big-hitters in the world of cyber security have launched a firm that intends to unmask hackers and their motives, and they've scooped up $26m to get it started. As one of its first acts, CrowdStrike plans to unveil an overview of Android's weak spots in a demo at the RSA on 29 Feb.

CrowdStrike launched in "stealth-mode" last week. The firm is headed up by George Kurtz, former McAfee CTO. Dmitri Alperovitch, formerly threat research veep at McAfee, will be CrowdStrike's CTO and Gregg Marston, former FoundStone CFO, will be the new firm's CFO. Investors Warburg Pincus, which have employed Kurtz since November, have pumped in a cool $26m into the enterprise to help it hire in talent.

New strategy

Promising a "new strategy" on cyber security, CrowdStrike said it would home in on the people behind malware rather than the software itself in a bid to protect companies and government from hackers at the highest level.

"The person or organization pulling the trigger (or deploying the malware) is the one that you ultimately need to focus on. The type of gun or ammunition they may be using is interesting, but in most cases not strategically relevant," Kurtz wrote in a blog announcing the launch.

These companies don’t have a malware problem, they have an adversary problem.

Instead of endlessly patching flaws, Kurtz argues, anti-hackers should target the soft mistake-prone humans behind the malware:

Attackers are creatures of habit and while they are fast to change their weapons, they are slow to change their methods. By identifying the adversary and revealing their unique Tactics, Techniques and Procedures (TTPs) ie, modus operandi, we can hit them where it counts – at the human-dependent and not easily scalable parts of their operations.

Targeting the hacker, not just the hack

It sounds good, but we weren't sure exactly how a CrowdStrike product would actually work. We asked Kurtz and Alperovitch:

"We will not look to replace firewalls, these existing companies will continue to provide value," said Kurtz. He stressed that it was valuable for companies to know who was attacking them and why, citing the example of a company he'd helped last year which had come under a heavy attack from competitors that had filched its loosely protected internal emails.

"The company had been protecting their financial information," he explained, but that wasn't what the hackers were after. "It was not info that any company would have expected to be hacked; the hackers were taking emails and internal messages, and handing them over to competitors."

The hack resulted in a significant intellectual property loss as competitors got a lead on confidential information about future developments and deals.

As for the end product, George was reluctant to drop many details about what a CrowdStrike report would look like: "It's not a static report, it's not a powerpoint, it's dynamic thing," he told us.

New hires

Kurtz's previous research into mobile security – particularly into mobile Remote Access Tools (RATs) – means that Crowdstrike will have a strong focus on the security of mobile devices and by crunching big data, Crowdstrike aims to gain insights that other security firms can't see.

Kurtz said that with its launch, CrowdStrike wanted to get word out that they were looking for fresh talent. "[We're letting] people know that we're a company and we're looking for the best and brightest."

CrowdStrike expects to be up and running and landing clients in the second half of 2012. We'll keep you updated. ®

Beginner's guide to SSL certificates

More from The Register

next story
NASTY SSL 3.0 vuln to be revealed soon – sources (Update: It's POODLE)
So nasty no one's even whispering until patch is out
Russian hackers exploit 'Sandworm' bug 'to spy on NATO, EU PCs'
Fix imminent from Microsoft for Vista, Server 2008, other stuff
US government fines Intel's Wind River over crypto exports
New emphasis on encryption as a weapon?
To Russia With Love: Snowden's pole-dancer girlfriend is living with him in Moscow
While the NSA is tapping your PC, he's tapping ... nevermind
Forget passwords, let's use SELFIES, says Obama's cyber tsar
Michael Daniel wants to kill passwords dead
Slap for SnapChat web app in SNAP mishap: '200,000' snaps sapped
This is what happens if you hand your username and password to a 3rd-party
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Win a year’s supply of chocolate
There is no techie angle to this competition so we're not going to pretend there is, but everyone loves chocolate so who cares.
Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.