Cybersecurity inherently favors offensive attacks. Current cyber defenses are generic, whereas attacks are specialized. Security product vendors track global threats using honeypots, create static or behavior signatures, and distribute them to their customers. Thus, each installation of a product has the same attack surface.
The days of the solo hacker trying to infect the most machines, the model of attack that generic defense addresses, are long gone. Cyber attacks are now planned, crafted, and executed by professionals. They are aimed at a specific target, with a specific intent. Attackers repeatedly probe the defenses of their target, modifying their attack at each attempt, until the attack is different enough to beat detection.
Attacker’s Achilles Heel
For all their invincibility, cyber attackers have an Achilles heel too. Their weapon, malware, also carries their weakness. Malware is software, and writing good software is expensive. Just as with any commercial software, its cost is managed by reusing the same code over many attacks. In other words, a Zero-Day attack is not executed using code developed in zero days. To be successful, a Zero-Day attack too will use code that has been tested, hardened, and proven over a long time. That is the attacker’s weakness: even though an attacker can use a variety of ways to obfuscate the code, they cannot fundamentally change its DNA, at least not cost-effectively. The DNA embedded in malware, if decoded, can provide a fingerprint to identify it.
Cythereal’s advantage is a patent-pending technology that, in a sense, “sequences malware DNA.” This technology, with roots in the DARPA Cybergenome program, performs deep static and dynamic analyses, such as those performed by optimizing compilers, to construct normalized algebraic expressions that succinctly represent “what” the malware does, abstracting away only the “how”. Unlike signatures used by classic AV systems, the sequenced DNA is lossless. More importantly, the sequenced DNA also removes the many layers of obfuscation employed by malware and lays bare its purpose in the rawest form.
Using proprietary malware DNA sequencing technology, Cythereal converts the malware stream targeted at an organization to defuse targeted attacks.
To know more, to know how, contact us.