Feeds

Cyber-security startup to flash major Android soft spots at RSA

Ex-McAfee bods grab $26m to take on hackers

Choosing a cloud hosting partner with confidence

Three big-hitters in the world of cyber security have launched a firm that intends to unmask hackers and their motives, and they've scooped up $26m to get it started. As one of its first acts, CrowdStrike plans to unveil an overview of Android's weak spots in a demo at the RSA on 29 Feb.

CrowdStrike launched in "stealth-mode" last week. The firm is headed up by George Kurtz, former McAfee CTO. Dmitri Alperovitch, formerly threat research veep at McAfee, will be CrowdStrike's CTO and Gregg Marston, former FoundStone CFO, will be the new firm's CFO. Investors Warburg Pincus, which have employed Kurtz since November, have pumped in a cool $26m into the enterprise to help it hire in talent.

New strategy

Promising a "new strategy" on cyber security, CrowdStrike said it would home in on the people behind malware rather than the software itself in a bid to protect companies and government from hackers at the highest level.

"The person or organization pulling the trigger (or deploying the malware) is the one that you ultimately need to focus on. The type of gun or ammunition they may be using is interesting, but in most cases not strategically relevant," Kurtz wrote in a blog announcing the launch.

These companies don’t have a malware problem, they have an adversary problem.

Instead of endlessly patching flaws, Kurtz argues, anti-hackers should target the soft mistake-prone humans behind the malware:

Attackers are creatures of habit and while they are fast to change their weapons, they are slow to change their methods. By identifying the adversary and revealing their unique Tactics, Techniques and Procedures (TTPs) ie, modus operandi, we can hit them where it counts – at the human-dependent and not easily scalable parts of their operations.

Targeting the hacker, not just the hack

It sounds good, but we weren't sure exactly how a CrowdStrike product would actually work. We asked Kurtz and Alperovitch:

"We will not look to replace firewalls, these existing companies will continue to provide value," said Kurtz. He stressed that it was valuable for companies to know who was attacking them and why, citing the example of a company he'd helped last year which had come under a heavy attack from competitors that had filched its loosely protected internal emails.

"The company had been protecting their financial information," he explained, but that wasn't what the hackers were after. "It was not info that any company would have expected to be hacked; the hackers were taking emails and internal messages, and handing them over to competitors."

The hack resulted in a significant intellectual property loss as competitors got a lead on confidential information about future developments and deals.

As for the end product, George was reluctant to drop many details about what a CrowdStrike report would look like: "It's not a static report, it's not a powerpoint, it's dynamic thing," he told us.

New hires

Kurtz's previous research into mobile security – particularly into mobile Remote Access Tools (RATs) – means that Crowdstrike will have a strong focus on the security of mobile devices and by crunching big data, Crowdstrike aims to gain insights that other security firms can't see.

Kurtz said that with its launch, CrowdStrike wanted to get word out that they were looking for fresh talent. "[We're letting] people know that we're a company and we're looking for the best and brightest."

CrowdStrike expects to be up and running and landing clients in the second half of 2012. We'll keep you updated. ®

Internet Security Threat Report 2014

More from The Register

next story
FYI: OS X Yosemite's Spotlight tells Apple EVERYTHING you're looking for
It's on by default – didn't you read the small print?
Russian hackers exploit 'Sandworm' bug 'to spy on NATO, EU PCs'
Fix imminent from Microsoft for Vista, Server 2008, other stuff
Edward who? GCHQ boss dodges Snowden topic during last speech
UK spies would rather 'walk' than do 'mass surveillance'
Microsoft pulls another dodgy patch
Redmond makes a hash of hashing add-on
'LulzSec leader Aush0k' found to be naughty boy not worthy of jail
15 months home detention leaves egg on feds' faces as they grab for more power
China is ALREADY spying on Apple iCloud users, claims watchdog
Attack harvests users' info at iPhone 6 launch
Carders punch holes through Staples
Investigation launched into East Coast stores
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
Three 1TB solid state scorchers up for grabs
Big SSDs can be expensive but think big and think free because you could be the lucky winner of one of three 1TB Samsung SSD 840 EVO drives that we’re giving away worth over £300 apiece.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.