
Cyber-security startup to flash major Android soft spots at RSA

Ex-McAfee bods grab $26m to take on hackers


Three big-hitters in the world of cyber security have launched a firm that intends to unmask hackers and their motives, and they've scooped up $26m to get it started. As one of its first acts, CrowdStrike plans to unveil an overview of Android's weak spots in a demo at the RSA on 29 Feb.

CrowdStrike launched in "stealth-mode" last week. The firm is headed up by George Kurtz, former McAfee CTO. Dmitri Alperovitch, formerly threat research veep at McAfee, will be CrowdStrike's CTO and Gregg Marston, former FoundStone CFO, will be the new firm's CFO. Investors Warburg Pincus, which has employed Kurtz since November, has pumped a cool $26m into the enterprise to help it hire in talent.

New strategy

Promising a "new strategy" on cyber security, CrowdStrike said it would home in on the people behind malware rather than the software itself in a bid to protect companies and government from hackers at the highest level.

"The person or organization pulling the trigger (or deploying the malware) is the one that you ultimately need to focus on. The type of gun or ammunition they may be using is interesting, but in most cases not strategically relevant," Kurtz wrote in a blog announcing the launch.

These companies don’t have a malware problem, they have an adversary problem.

Instead of endlessly patching flaws, Kurtz argues, anti-hackers should target the soft mistake-prone humans behind the malware:

Attackers are creatures of habit and while they are fast to change their weapons, they are slow to change their methods. By identifying the adversary and revealing their unique Tactics, Techniques and Procedures (TTPs) ie, modus operandi, we can hit them where it counts – at the human-dependent and not easily scalable parts of their operations.

Targeting the hacker, not just the hack

It sounds good, but we weren't sure exactly how a CrowdStrike product would actually work. We asked Kurtz and Alperovitch:

"We will not look to replace firewalls, these existing companies will continue to provide value," said Kurtz. He stressed that it was valuable for companies to know who was attacking them and why, citing the example of a company he'd helped last year which had come under a heavy attack from competitors that had filched its loosely protected internal emails.

"The company had been protecting their financial information," he explained, but that wasn't what the hackers were after. "It was not info that any company would have expected to be hacked; the hackers were taking emails and internal messages, and handing them over to competitors."

The hack resulted in a significant intellectual property loss as competitors got a lead on confidential information about future developments and deals.

As for the end product, George was reluctant to drop many details about what a CrowdStrike report would look like: "It's not a static report, it's not a powerpoint, it's a dynamic thing," he told us.

New hires

Kurtz's previous research into mobile security – particularly into mobile Remote Access Tools (RATs) – means that CrowdStrike will have a strong focus on the security of mobile devices. By crunching big data, CrowdStrike aims to gain insights that other security firms can't see.

Kurtz said that with its launch, CrowdStrike wanted to get word out that they were looking for fresh talent. "[We're letting] people know that we're a company and we're looking for the best and brightest."

CrowdStrike expects to be up and running and landing clients in the second half of 2012. We'll keep you updated. ®
