Organizations are increasingly at risk of insider breaches. The problem is getting worse, not better, with global losses approaching $3 trillion a year. The fear of real threats is justified: for example, the two million classified files copied by NSA contractor Edward Snowden, the theft of 750,000 classified, or unclassified but sensitive, military and diplomatic documents by soldier activist Chelsea Manning, the 2013 theft of over 25 weapons systems blueprints from the Pentagon,the loss of 25 gigabytes of sensitive corporate and personal data from Sony Pictures Entertainment computers, as well as by the publication of many sensitive files on Wikileaks.
Kryptera Technologies has a breakthrough approach to stopping leaks of stolen private files.
Interview with Dr. Alastair Sweeny, VP Business Development of Kryptera Technologies.
In-Sec-M : how Can Kryptera Protect Organizations ?
Kryptera Technologies: File encryption, with regularly scheduled encrypted backups, are the major ways to defeat leaks of stolen files and associated loss.
We’re pessimistic – dedicated thieves, particularly insiders, will always find ways to steal and transport what they want and little can be done to stop it. Kryptera offers a simple solution to stopping leaks – preventing use after theft, by making stolen files useless to thieves. With Kryptera in operation, there is no way thieves can decrypt a file without access to the same Kryptera server, or the same secure group of Kryptera servers, used to encrypt the file.
I: what motivates cybercriminals today?
K: Attacks are levied in retaliation for perceived grievances, to bring down a competitor, silence opposition, stifle contrary information, make money or simply to cause chaos. Attacks can create high-paying work for people associated with an attacked organization. An internal criminal can leverage internal chaos to steal and transport private files and information.
I: what solution do you have for protecting enterprises and organizations?
K: Kryptera Enterprise and Mirage product lines share features such as manual or automated high-speed encryption and decryption of many files at the same time with internal private key management. The Enterprise server is a general purpose tool that can be customized for clients. The Mirage server is far faster than Enterprise, and best used for special situations where extreme speed is needed.
We can also offer cybersecurity consultation. Kryptera can be customized in ways that broaden out protection. For example, we’re working on a Document Control System that could expand to encryption of desktops. We are also consulting on cryptographic issues with a leading edge IoT company in San Francisco.
I: how does Kryptera work exactly?
K: Kryptera is a turnkey solution that can be used to fully automate encryption and decryption of files, including files within complex directory chains, without reliance on external key management. It can also be used to automate encryption of backups of any size. It is non-invasive in that it waits for files and directories to process, processes them, and moves the results to queues for pickup and removal. Files encrypted by a specific Kryptera server can usually only be decrypted by that server. This prevents use of stolen files that have been protected by Kryptera.
I: what does Kryptera not do?
K: Kryptera works on stopping the leak of private digital assets – such as stolen patents, marketing plans and database backups. The technology does not currently operate on data in motion.
We cannot stop breaches of cloud space even if they are due to human error or intention. In the case of Capital One, Kryptera could not have prevented losses because they specifically placed private files in cloud space in original form. If they cannot simply encrypt the files they store in cloud space, then nothing can be done to protect them.
The RCMP breach was due to the alleged thief having full access rights to files that were stolen. At that level, he would also have the right to decrypt encrypted files. The only difference we could make would be to help put a system in place to ensure that no one could decrypt too many files over a short period of time.
However, Kryptera would have operated very much as advertised in the case of the Snowden, Wikileaks or Sony Pictures leaks, where masses of files were at risk.
I: how can In-Sec-M help you pursue your mission?
K: Kryptera is looking for project partners and organizations who see merit in our approach, who currently are not satisfied with their current encryption landscape, and are interested in hardening their defences, particularly against insider threats. We are also seeking a VAR or channel partner to assist with marketing and licensing our technology, particularly to the underserved SMB market. To arrange a meeting or a conference call, or for more detailed information, please contact me at mailto:firstname.lastname@example.org.
Resource for In-Sec-M members: https://kryptera.ca/security_risks.html