Feeds

Cyber-security startup to flash major Android soft spots at RSA

Ex-McAfee bods grab $26m to take on hackers

Protecting against web application threats using SSL

Three big-hitters in the world of cyber security have launched a firm that intends to unmask hackers and their motives, and they've scooped up $26m to get it started. As one of its first acts, CrowdStrike plans to unveil an overview of Android's weak spots in a demo at the RSA on 29 Feb.

CrowdStrike launched in "stealth-mode" last week. The firm is headed up by George Kurtz, former McAfee CTO. Dmitri Alperovitch, formerly threat research veep at McAfee, will be CrowdStrike's CTO and Gregg Marston, former FoundStone CFO, will be the new firm's CFO. Investors Warburg Pincus, which have employed Kurtz since November, have pumped in a cool $26m into the enterprise to help it hire in talent.

New strategy

Promising a "new strategy" on cyber security, CrowdStrike said it would home in on the people behind malware rather than the software itself in a bid to protect companies and government from hackers at the highest level.

"The person or organization pulling the trigger (or deploying the malware) is the one that you ultimately need to focus on. The type of gun or ammunition they may be using is interesting, but in most cases not strategically relevant," Kurtz wrote in a blog announcing the launch.

These companies don’t have a malware problem, they have an adversary problem.

Instead of endlessly patching flaws, Kurtz argues, anti-hackers should target the soft mistake-prone humans behind the malware:

Attackers are creatures of habit and while they are fast to change their weapons, they are slow to change their methods. By identifying the adversary and revealing their unique Tactics, Techniques and Procedures (TTPs) ie, modus operandi, we can hit them where it counts – at the human-dependent and not easily scalable parts of their operations.

Targeting the hacker, not just the hack

It sounds good, but we weren't sure exactly how a CrowdStrike product would actually work. We asked Kurtz and Alperovitch:

"We will not look to replace firewalls, these existing companies will continue to provide value," said Kurtz. He stressed that it was valuable for companies to know who was attacking them and why, citing the example of a company he'd helped last year which had come under a heavy attack from competitors that had filched its loosely protected internal emails.

"The company had been protecting their financial information," he explained, but that wasn't what the hackers were after. "It was not info that any company would have expected to be hacked; the hackers were taking emails and internal messages, and handing them over to competitors."

The hack resulted in a significant intellectual property loss as competitors got a lead on confidential information about future developments and deals.

As for the end product, George was reluctant to drop many details about what a CrowdStrike report would look like: "It's not a static report, it's not a powerpoint, it's dynamic thing," he told us.

New hires

Kurtz's previous research into mobile security – particularly into mobile Remote Access Tools (RATs) – means that Crowdstrike will have a strong focus on the security of mobile devices and by crunching big data, Crowdstrike aims to gain insights that other security firms can't see.

Kurtz said that with its launch, CrowdStrike wanted to get word out that they were looking for fresh talent. "[We're letting] people know that we're a company and we're looking for the best and brightest."

CrowdStrike expects to be up and running and landing clients in the second half of 2012. We'll keep you updated. ®

Reducing the cost and complexity of web vulnerability management

More from The Register

next story
Early result from Scots indyref vote? NAW, Jimmy - it's a SCAM
Anyone claiming to know before tomorrow is telling porkies
TOR users become FBI's No.1 hacking target after legal power grab
Be afeared, me hearties, these scoundrels be spying our signals
Jihadi terrorists DIDN'T encrypt their comms 'cos of Snowden leaks
Intel bods' analysis concludes 'no significant change' after whistle was blown
Home Depot: 56 million bank cards pwned by malware in our tills
That's about 50 per cent bigger than the Target tills mega-hack
Hackers pop Brazil newspaper to root home routers
Step One: try default passwords. Step Two: Repeat Step One until success
NORKS ban Wi-Fi and satellite internet at embassies
Crackdown on tardy diplomatic sysadmins providing accidental unfiltered internet access
UK.gov lobs another fistful of change at SME infosec nightmares
Senior Lib Dem in 'trying to be relevant' shocker. It's only taxpayers' money, after all
Critical Adobe Reader and Acrobat patches FINALLY make it out
Eight vulns healed, including XSS and DoS paths
Spies would need SUPER POWERS to tap undersea cables
Why mess with armoured 10kV cables when land-based, and legal, snoop tools are easier?
prev story

Whitepapers

Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.