Feeds

Cyber-security startup to flash major Android soft spots at RSA

Ex-McAfee bods grab $26m to take on hackers

Secure remote control for conventional and virtual desktops

Three big-hitters in the world of cyber security have launched a firm that intends to unmask hackers and their motives, and they've scooped up $26m to get it started. As one of its first acts, CrowdStrike plans to unveil an overview of Android's weak spots in a demo at the RSA on 29 Feb.

CrowdStrike launched in "stealth-mode" last week. The firm is headed up by George Kurtz, former McAfee CTO. Dmitri Alperovitch, formerly threat research veep at McAfee, will be CrowdStrike's CTO and Gregg Marston, former FoundStone CFO, will be the new firm's CFO. Investors Warburg Pincus, which have employed Kurtz since November, have pumped in a cool $26m into the enterprise to help it hire in talent.

New strategy

Promising a "new strategy" on cyber security, CrowdStrike said it would home in on the people behind malware rather than the software itself in a bid to protect companies and government from hackers at the highest level.

"The person or organization pulling the trigger (or deploying the malware) is the one that you ultimately need to focus on. The type of gun or ammunition they may be using is interesting, but in most cases not strategically relevant," Kurtz wrote in a blog announcing the launch.

These companies don’t have a malware problem, they have an adversary problem.

Instead of endlessly patching flaws, Kurtz argues, anti-hackers should target the soft mistake-prone humans behind the malware:

Attackers are creatures of habit and while they are fast to change their weapons, they are slow to change their methods. By identifying the adversary and revealing their unique Tactics, Techniques and Procedures (TTPs) ie, modus operandi, we can hit them where it counts – at the human-dependent and not easily scalable parts of their operations.

Targeting the hacker, not just the hack

It sounds good, but we weren't sure exactly how a CrowdStrike product would actually work. We asked Kurtz and Alperovitch:

"We will not look to replace firewalls, these existing companies will continue to provide value," said Kurtz. He stressed that it was valuable for companies to know who was attacking them and why, citing the example of a company he'd helped last year which had come under a heavy attack from competitors that had filched its loosely protected internal emails.

"The company had been protecting their financial information," he explained, but that wasn't what the hackers were after. "It was not info that any company would have expected to be hacked; the hackers were taking emails and internal messages, and handing them over to competitors."

The hack resulted in a significant intellectual property loss as competitors got a lead on confidential information about future developments and deals.

As for the end product, George was reluctant to drop many details about what a CrowdStrike report would look like: "It's not a static report, it's not a powerpoint, it's dynamic thing," he told us.

New hires

Kurtz's previous research into mobile security – particularly into mobile Remote Access Tools (RATs) – means that Crowdstrike will have a strong focus on the security of mobile devices and by crunching big data, Crowdstrike aims to gain insights that other security firms can't see.

Kurtz said that with its launch, CrowdStrike wanted to get word out that they were looking for fresh talent. "[We're letting] people know that we're a company and we're looking for the best and brightest."

CrowdStrike expects to be up and running and landing clients in the second half of 2012. We'll keep you updated. ®

Secure remote control for conventional and virtual desktops

More from The Register

next story
You really need to do some tech support for Aunty Agnes
Free anti-virus software, expires, stops updating and p0wns the world
USB coding anarchy: Consider all sticks licked
Thumb drive design ruled by almighty buck
Attack reveals 81 percent of Tor users but admins call for calm
Cisco Netflow a handy tool for cheapskate attackers
Privacy bods offer GOV SPY VICTIMS a FREE SPYWARE SNIFFER
Looks for gov malware that evades most antivirus
Patch NOW! Microsoft slings emergency bug fix at Windows admins
Vulnerability promotes lusers to domain overlords ... oops
Oi, Europe! Tell US feds to GTFO of our servers, say Microsoft and pals
By writing a really angry letter about how it's harming our cloud business, ta
prev story

Whitepapers

Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Managing SSL certificates with ease
The lack of operational efficiencies and compliance pitfalls associated with poor SSL certificate management, and how the right SSL certificate management tool can help.
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.