Last weekend’s sophisticated cyber attack will most likely make its creators, probably a group of non-state cyber-criminals, richer by tens of thousands of dollars, but the bigger share of the money it generates will go to a much more legitimate, white-hatted industry. The entire cyber-security industry will grow even larger, with bigger multi-million dollar enterprise contracts. In particular, startups that deal with the main characteristics of the attack (named WannaCry) will rise above the rest of the clutter.
In this post, we’ll mention some of these promising startups, but first, let’s describe the threats that were demonstrated during last weekend’s mega-attack. Like many cyber attacks, this one also started with phishing, meaning emails purporting to be from a well-known source, with links that carry users to fraudulent sites where their login details are compromised. The second threat was ransomware through file encryption: a complete encryption of the files, with a warning that they will be deleted if the owner does not pay a ransom in Bitcoin.
The third threat is hijacking a utility through old-fashioned IT, thus halting necessary services such as telecom or healthcare. The fourth is the EternalBlue vulnerability in Microsoft’s file sharing system, which was discovered by the NSA and then leaked last month by a group that calls itself Shadow Brokers. No one knows how this weapon leaked from the NSA, but it is not improbable that an insider did it.
Now, let’s mention some of the startup companies that effectively deal with threats such as phishing, spear phishing, file hijacking, and ransomware:
Cybereason provides real-time cyber attack detection and response tech for the enterprise by analyzing lower software layers in a network. Their endpoint detection and response platform identifies, visualizes and finds a solution to even the faintest evidence of malicious activity without relying on a human cyber-hunter following the steps of the attacker.
Cybereason also launched RansomFree, a free tool that works alongside any existing antivirus software. It is entirely focused on detecting and preventing ransomware infestation by looking for patterns common to the attacker’s behavior, without relying on signatures. RansomFree creates baits, or traps, such as the Documents folder. PC Magazine reviewed the product very recently. Cybereason raised $89 million from Softbank, Lockheed Martin, Spark Capital, and CRV.
The Israeli anti-ransomware company has raised $24 million to detect, characterize and prevent ransomware attacks, from investors such as Glilot Capital, Blackstone, Blumberg Capital, Wipro, and Vintage. In August 2016, the company, together with Check Point, released a report on the Cerber Ransomware and its affiliates, generating $195K. According to an analysis of this weekend’s WannaCry attack, Intsights says that about $30K was paid to the attackers as a ransom.
Solebit inspects every file before allowing it into the network, making it impossible for any stream with executable code to gain entry. This approach is innovative in that it prevents attacks through a ‘quarantine’ that does not attempt to detect suspicious motives or harmful activity, but rather simply blocks all possible problematic code. In addition, the solution does not require internet connectivity and functions without the deployment of agents in an organization or cyber-experts to oversee the system.
The patent-pending technology of Solebit’s SoleGate platform disrupts targeted attacks and malware delivery by inspecting all data and blocking data streams that contain unauthorized code, making it impossible to penetrate the network, no matter how encrypted the code may be. The company raised $2 million from Glilot Capital.
The company fights unknown threats, while most cyber companies protect against known viruses and malicious code or activity. Votiro created a “content disarm and reconstruction technology”, which prevents unknown and zero-day exploits from penetrating a system. It does so by analyzing all email attachments and by deleting and cleaning these files, thereby seeking to prevent threats from entering a company’s email server. Votiro has raised $14 million so far from Redfield Asset Management and private investors.
The company was founded on the recognition that external threat actors cannot be prevented from infiltrating networks, and instead focuses on preventing the theft and tampering of critical data, such as log-in details, in the event of a cyber-attack. Ensilo has raised $21 million so far from Lightspeed, Carmel, and Rembrandt.
Zerto is a disaster recovery company that helps businesses back up and recover data using software that creates less need for physical storage. The company provides disaster recovery software for customers with data stored both in data centers and in the cloud on VMware-based virtual servers. In the case of a virus, accident, or some other problem, Zerto’s software allows businesses to access their previous data and ensure business continuity.
In the case of ransomware, solutions like Zerto allow users to roll back to a consistent point in time before the attack, and simply “erase” the attack as if it never happened. Zerto raised $130 million from 83North, IVP, Battery, CRV, Access, and Harmony.
Founded by professionals from known cyber-security companies Check Point, Imperva, and WebSense, Fireglass developed a client-less solution which isolates browsers from web content by executing all content originating from the web in a secure environment and streaming only a visual feed to the browser without impacting user experience. The Fireglass system can protect end-users from threats including “drive-bys” and ransomware, and also works as a protection for web applications against threats such as cross-site scripting and automated attacks.
The company raised $20 million from Lightspeed, NVP, Singtel, and Trusteer’s co-founders Mickey Boodaei and Rakesh Loonkar.
Preempt tackles the threat of credential stealing. There are many cyber security companies that analyze credentials to ensure identity, but Preempt claims to require less human involvement and to create less hassle for real users in an organization who change their daily behavior, such as going to countries other than the ones they had travelled to or working with different teams than their usual team. Preempt Security raised $10 million from General Catalyst and Trusteer’s co-founders Mickey Boodaei and Rakesh Loonkar.