With the recent cyberattacks at The Home Depot, Target, JPMorgan Chase, and now Kmart (a division of Sears), one has to wonder whether the hackers have the edge in this ongoing cyberwar. Newsflash: in many ways, they do. Every day that goes by makes it easier and less expensive for bad guys to mount attacks that only a few years ago were prohibitively expensive.
And the good guys? It’s getting increasingly difficult and costly to protect even the most basic technology from a burgeoning throng of shady characters, each using a tool belt brimming with sophisticated, easily obtainable hacking tools.
As a result, when a new approach to securing Internet communications comes along that promises to shift this balance of power back to the good guys, it’s important to pay attention.
With offices in Georgia and Virginia, Dispersive Technologies has taken a page out of military communications security and applied it to the Internet in spectacular fashion. Their novel cybersecurity approach increases the degree of difficulty that even the most determined Black Hat hacker must face in order to mount an attack. What they offer their customers today, however, isn’t the most important part of their story. The real win here is Dispersive’s long-term ability to stay several steps ahead of hackers, even as the malefactors inevitably improve their own techniques.
Targeting the Man in the Middle
Dispersive Technologies blocks Man-in-the-Middle (MiM) attacks, a common arrow in the hacker’s quiver. According to Wikipedia, MiM is a form of eavesdropping where the attacker makes independent connections with the victims on either end and relays messages between them, making them believe that they are talking directly to each other over a private connection, when in fact the entire conversation is controlled by the attacker. “The man-in-the-middle attack is tough, and encryption is the key defense,” according to Robert Twitchell, CEO at Dispersive Networks. “The problem is that with today’s parallel processing power, all encryption is easy to crack.”
Furthermore, encryption-based MiM prevention technologies like SSL (secure sockets layer, now called TLS, or transport layer security) and virtual private networks (VPNs) are point-to-point, while today’s complex digital world requires secure end-to-end communications, where traffic might cross many intermediate nodes – all of which become weak points ripe for MiM attacks. “MiM attacks can be mounted just by figuring out the SSL or VPN termination point,” says Jothy Rosenberg, technical director for cybersecurity research at defense contractor BAE Systems. “You fix the whole thing with Dispersive by going end-to-end,” according to Rosenberg.
Dispersive’s “virtual dispersive networking” is a unique approach to cybersecurity that takes a page out of now-traditional military radio spread-spectrum security approaches, where radios rotate frequencies randomly or split up communications traffic into multiple streams, so that only the receiving radio can reassemble them properly. With Dispersive, however, the Internet (or any network) is now the underlying communications platform.
Dispersive Technologies can not only split up a single message into several different simultaneous parts, but it can encrypt each component message separately and even route them over different protocols following independent paths. “We put routing on servers, computers, even mobile phones,” explains Twitchell. No longer must organizations rely upon firewalls to ensure message security, as now any device anywhere on the Internet can serve as a “deflect,” Dispersive’s term for one of these impromptu routing devices.
Dispersive’s innovation doesn’t stop with simply splitting up the messages. The data also “roll” dynamically to optimum paths – both randomizing the paths the messages take while simultaneously taking into account congestion or other network issues. The end result: “They’re making an attacker work a lot harder,” according to Rosenberg. “The bad guy would have to figure out the paths, the hops, and what order” to put the messages in – a daunting task.
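A toy model of the split-and-disperse idea described above, added here as an illustration; it is not Dispersive's code or protocol. The fragment layout, the shared HMAC key, and all function names are assumptions, and the per-part encryption the article mentions is left out, so the sketch shows only dispersal, authenticated reassembly, and how much payload a tap on one path captures.

```python
import hashlib
import hmac
import random

TAG_LEN = 32  # HMAC-SHA256 output size

def disperse(message, key, n_paths, size, rng):
    """Split message into sequence-numbered, authenticated fragments and
    assign each one to a randomly chosen path (0..n_paths-1)."""
    chunks = [message[i:i + size] for i in range(0, len(message), size)]
    paths = {p: [] for p in range(n_paths)}
    for seq, chunk in enumerate(chunks):
        header = seq.to_bytes(4, "big") + len(chunks).to_bytes(4, "big")
        tag = hmac.new(key, header + chunk, hashlib.sha256).digest()
        paths[rng.randrange(n_paths)].append(header + chunk + tag)
    return paths

def reassemble(fragments, key):
    """Verify each fragment, reorder by sequence number, rebuild the message.
    Raises ValueError on a forged or missing fragment."""
    parts, total = {}, None
    for frag in fragments:
        body, tag = frag[:-TAG_LEN], frag[-TAG_LEN:]
        expected = hmac.new(key, body, hashlib.sha256).digest()
        if len(frag) < 8 + TAG_LEN or not hmac.compare_digest(tag, expected):
            raise ValueError("fragment failed authentication")
        seq = int.from_bytes(body[:4], "big")
        total = int.from_bytes(body[4:8], "big")
        parts[seq] = body[8:]
    if total is None or set(parts) != set(range(total)):
        raise ValueError("missing fragments")
    return b"".join(parts[i] for i in range(total))

def observer_view(paths, tapped_path):
    """Payload bytes visible to an observer sitting on one path only."""
    return sum(len(f) - 8 - TAG_LEN for f in paths[tapped_path])

def demo():
    rng = random.Random(7)  # fixed seed so the constructed run is repeatable
    key = b"constructed-demo-key"  # constructed sample key
    msg = b"constructed sample message sent across several independent paths"
    paths = disperse(msg, key, n_paths=3, size=8, rng=rng)
    arrived = [f for p in paths.values() for f in p]
    rng.shuffle(arrived)  # independent paths deliver in arbitrary order
    return msg, paths, reassemble(arrived, key)
```

Because these fragments are authenticated but not encrypted, each tapped path still exposes its share of the plaintext, which is why the scheme described in the article also encrypts every part separately.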
Unplayed Cards in their Hand
Dispersive’s approach clearly makes MiM attacks quite difficult, and sometimes increased difficulty is all the prevention you need. After all, if burglars are casing a block, they’ll hit the house with the pile of newspapers out front rather than the one with the security fence – even though they could have climbed the fence had they wanted to.
But for some situations, simply raising the bar for hackers isn’t sufficient, like when money is involved, or when terrorists might be interested in a target like a power plant or government building. It’s no surprise that Dispersive Technologies’ initial customers are military and other government agencies. For such security-sensitive organizations, there must be several layers of security, as well as technology that will offer increasing security over time – both of which Dispersive offers.
There are also many opportunities for Dispersive’s technology in the cloud computing world. Not only can the cloud easily host the deflects at the core of their approach, but cloud environments can leverage Dispersive to establish secure interactions between clouds or between on-premise data centers and clouds. These hybrid cloud scenarios often depend upon VPNs, which tend to be flaky and slow. With Dispersive Technologies, VPNs become a thing of the past – improving the security, performance, and manageability of hybrid clouds as well as virtual private clouds.
Furthermore, Dispersive’s spread spectrum technology serves to bypass traditional network bottlenecks and allows organizations to combine multiple network routes for blisteringly fast data transfer speeds. The result is an approach to solving Big Data’s data gravity problem: moving large data sets over the Internet can be agonizingly slow. With Dispersive, the fact that moving large data sets can now be both fast and secure is an added bonus.
Thinking like a Hacker
Whenever I interview a cybersecurity vendor, I always like to put on my hacker hat and ask what the best way to defeat their technology would be. In the case of Dispersive Technologies, the weak point is the initial communication setup, where the two endpoints must connect to a switch in order to initiate their secure communications. Clearly, if a hacker can compromise that switch, they can compromise the entire interaction.
Twitchell agrees. “A number of independent tests early in the development of our technology pointed out the best approach to compromising it would be to intercept the initial call set-up at our Dispersive SoftSwitch,” the device that sets up the initial interaction between endpoints. “In our current release, we’ve implemented Hidden SoftSwitch which makes it extremely hard to find,” Twitchell continues. “The Hidden SoftSwitch feature leverages our own technology to obfuscate all SoftSwitch communications.”
While not entirely foolproof (as no security ever is), the fact that they can use their dispersive approach to protect the initial setup as well as the message passing itself differentiates their technology from traditional algorithmic approaches like encryption. Public key encryption, for example, requires participants to secure their private key, but encrypting it would put them into an unresolvable Catch-22 situation. The Dispersive Technologies SoftSwitch doesn’t have this weakness.
Today, Dispersive Technologies’ business is largely government-centric, with initial forays into commercial industries with high-value targets like banks and utilities. But in my opinion, those early customers are the tip of the iceberg for Dispersive, as they have essentially cornered the market on the approach with their patents. “We have a really strong patent portfolio that protects us and establishes our ‘dispersive’ approach as the vanguard of Internet security,” according to Twitchell.
If it does come to pass that the dispersive approach establishes itself as a critical element of next generation cybersecurity, such a strong patent portfolio may actually work against them, as the technology marketplace has a habit of frowning upon single companies with so much power. From Dispersive Technologies’ perspective, however, this eventuality is a good problem to have.
Twitchell is optimistic. “We’d much rather collaborate with organizations so they can access our technology in a manner that makes good business sense for both of our organizations,” he says. An appropriate licensing strategy may both satisfy a skeptical market and make Dispersive’s shareholders a boatload of money. Only time will tell, but so far Dispersive Technologies is making all the right moves.
Intellyx advises companies on their digital transformation initiatives and helps vendors communicate their agility stories. As of the time of writing, none of the companies mentioned in this article are Intellyx customers.