With US President-Elect Joe Biden having finally been, without any doubt, absolutely declared the winner of the 2020 Presidential election, Russia appears to be dropping any pretense that it’s not an enemy of the USA. With news emerging that multiple US government agencies and thousands of American businesses have been infiltrated by Russki hackers, security agencies are on high alert.
Emails sent by officials at DHS, which oversees border security and defense against hacking, were monitored by the hackers as part of the sophisticated series of breaches, three people familiar with the matter told Reuters Monday.
The attacks, first revealed by Reuters Sunday, also hit the U.S. departments of Treasury and Commerce. Parts of the Defense Department were breached, the New York Times reported late Monday night, while the Washington Post reported that the State Department and National Institutes of Health were hacked.
Which means it would be the perfect time for a company to come up with a means of using Artificial Intelligence to run constant, bottleneck-free background ID checks on employees as they work, and have an existing contract with the Department of Homeland Security to prove that technology out that JUST HIT ITS FIRST MILESTONE.
The Victoria-based cybersecurity provider completed the milestone, the first in a series of four deliverable milestones, under a US$198,000 contract from the DHS Science and Technology Directorate’s Silicon Valley Innovation Program (S&T SVIP). The contract tasks Plurilock with continuing to develop and refine a new generation of machine-to-machine authentication and security technologies.
Typically, hackers looking to penetrate a network first try a little social engineering to get themselves a login and password. And users, who typically dislike having to fiddle about with long and difficult to remember passwords, often take shortcuts that end up giving their details away.
The Plurilock system uses multiple metrics measured while the user is working to ensure that user is who they say they are. From location to keyboard typing patterns to how many tabs you have open to what sites and tools you’re using, the system is constantly looking for signs that something unusual is going on, like a virtual workplace fingerprint.
This might have come in handy during the big Russian hack, which got into the government systems by virtue of third party software, and did its work, undetected, for months.
Technology company SolarWinds, which was the key steppingstone used by the hackers, said up to 18,000 of its customers had downloaded a compromised software update that allowed hackers to spy unnoticed on businesses and agencies for almost nine months. [..] Because the attackers could use SolarWinds to get inside a network and then create a new backdoor, merely disconnecting the network management program is not enough to boot the hackers out, experts said.
The news will undeniably prove devastating for the billion-dollar SolarWinds (SWI.NYSE), which is used by Fortune 500 companies around the world, as well as multiple government agencies across the Western world, and the similarly valued FireEye (FEYE.Q), which was also involved in the breach. Solarwinds stock was down 16% yesterday on the news.
For Plurilock, the timing doesn’t suck.
“Our work with DHS and the Silicon Valley Innovation Program has been incredibly productive,” says Ian L. Paterson, CEO of Plurilock Security Inc. “As an organization built around machine learning and anomaly detection, it’s been exciting to watch this new technology evolve. SVIP has been instrumental in the progress we’ve made in this part of the cybersecurity landscape.”
Plurilock expects machine-to-machine authentication to become an increasingly important cybersecurity capability as smart devices, embedded computing, and the Internet of Things continue to become more common in government and business settings.
Plurilock stock jumped 10% on the news to close near its high at $0.38.
— Chris Parry
FULL DISCLOSURE: Plurilock is an Equity.Guru marketing client.