Remember the Jennifer Lawrence nude photo leaks? While our first reaction was to remove any photos we wouldn’t want our moms to see from the “cloud”, a recent spate of cyber-security breaches, including against SONY and even the White House, also made it increasingly clear that cyber-criminals are getting smarter, faster, and more dangerous.
Get our weekly highlights directly in your inbox!Sign up
The data breach against Target stores in the US, where unknown thieves compromised millions of customers’ credit and debit card numbers, cost the chain nearly $150 million in losses. But while big-name companies were just the latest targets in a series of data invasions, the majority of victims are everyday Internet users and small companies.
That’s why hundreds of cyber security startups have sprung up in recent years in the Startup Nation, battling some of the world’s most serious cyber threats. Indeed, Israel now accounts for 10 percent of global network security technology sales, which topped $60 billion in 2014, according to Israel’s National Cyber Bureau.
NoCamels reviews three of the most nepharious security threats to our digital lives, and the leading Israeli startup companies fighting them.
Spear-phishing catches you off-guard
Spear-phishing, a form of email spoofing fraud, has become a burgeoning hacking method in recent years. Hackers target organizations and individuals with seemingly innocuous emails that pretend to be from co-workers, friends, or family members, but are actually infected with malware. According to the anti-virus company Trend Micro, 91 percent of malware is delivered through these email or downloads.
Cyber-security expert Itay Glick, CEO of Israeli cyber startup Votiro, says that 80 percent of people get fooled into opening these email messages. “If you work in HR and get a CV in an attachment, your job is to open that attachment,” Glick tells NoCamels. “Once you open that attachment, the virus will attack your computer.” “It is almost impossible to predict which email is infected,” Glick notes.
Votiro’s cyber security technology inspects files and attachments that are sent digitally even before they make their way into your inbox. Incoming email messages are automatically routed directly to the Votiro cloud‑based email gateway, where its Spear-Phishing Protection Service checks all attached files for known threats. To neutralize unknown and zero-day threats, the service introduces microchanges to the files’ structure and metadata and then rebuilds the files, thus preventing exploits from attacking and spreading malware throughout your network.
Sanitized and harmless, the email messages and their attachments continue on to your organization’s email server. “The entire process is invisible to users, does not disrupt business activity—and takes less than a second!” says Glick.
Another approach is the one taken by two-year-old Israeli cyber-technology company IronScales, which teaches users how to spot a fake email that is infected with malware through a tutorial. The process is simple, yet effective: The cyber tech company sends out different emails to employees at a firm as a test, and if an employee falls for the bait, they’re redirected to an informational tutorial on safer online practices.
Celebrity nude photo scandal calls for mobile and cloud protection
According to the American information technology research firm Gartner, attacks on mobile phones are maturing and such breaches are a major concern not just for enterprises, but for people browsing the Web at home – from their smartphones. Following the massive celebrity nude photo leak of 2014, protecting data stored on your mobile phone is just as important as keeping your computers clean of infected files. Gartner predicts that by 2017, 75 percent of mobile security breaches will be the result of app misconfiguration. In other words, the misuse of personal cloud servers through apps on our devices could essentially lead to data leaks. Using Wi-Fi at public locations like airports leave our phones especially vulnerable to such occurrences.
Luckily, the up-and-coming Israeli startup Lacoon Mobile Security, founded in 2011, protects iOS and Android devices from any breaches. The mobile app, acquired by Israeli cyber giant CheckPoint for $100 million last April, runs in the background, protecting users from data theft, remote takeovers, and attacks on mobile apps. The company’s most notable customers include the Israeli Police, Samsung, and major credit card companies.
Another Israeli mobile defense startup is Skycure, which made headlines after detecting an attack on LinkedIn’s mobile application last year. This app guarantees to guide users to mobile phone safety by creating a firewall that watches for security threats, while not impairing usage and battery life. Skycure recently raised $8 million.
Social network breaches? Human intelligence to the rescue!
While keeping up with Twitter and Facebook has become a cultural barometer of our time, many of these social outlets may in fact be full infected files. Israeli startup SenseCy, which launched last year, conducts deep-Web searches to prevent our social networks from being compromised through a unique method referred to as “virtual HUMINT” – short for human intelligence. This proactive and preventative tech scans public forums, discussion groups, and websites for viruses through the help of online avatars.
The company explains: “Our Cyber Security Analysts operate a cadre of Virtual Entities embedded in deep web platforms, on password-protected forums and in exclusive social media groups. By operating these avatars inside cyber adversary networks, we extract valuable intelligence regarding attack planning and intent, data leakage, vulnerabilities and exploits.”
While getting hacked is not a pleasant experience, to say the least, new technologies and startups are constantly working to diminish the likelihood of mass attacks. With a plethora of cyber-security startups launching throughout Israel, preventing hackers from invading our personal space has certainly become a national achievement, which will hopefully make our digital world a safer place for years to come.