The COVID-19 crisis has brought about an explosion in telecommuting, with millions of workers logging in at home through networks that most likely lack the robust security of corporate networks. The problem is not only hackers trying to plant viruses or malware in e-mails and other files. There’s also the growing problem of hackers infecting hardware devices connected to these networks, according to security expert Yossi Appleboum in a phone interview with FierceElectronics.
The CEO of Sepio, a firm specializing in hardware security, Appleboum was formerly an Israeli hardware intelligence security expert. In his role at Sepio, Appleboum is working with government as well as private industry to better secure their systems against malicious attacks performed through hardware, which in his mind could include common devices such as mice, webcams, printers, Ethernet switches, and routers.
The vulnerabilities introduced with a soaring number of remote workers increased many-fold about three weeks ago as many states mandated that non-essential employees work from their home, Appleboum noted. “It has become uncontrolled with no visibility as to what is going on.”
Appleboum said that risks multiply when home users hook up their own monitors, printers, and other peripherals to company-issued computers. “This puts enterprise networks at risk. Just last week, I heard stories about bad USB devices shipped to someone’s home.”
Appleboum explained that while some malware is intentionally designed to hijack hardware, other malware can just get into the devices because of their inherent vulnerability.
Sepio devises cloud-based algorithms that rely heavily on machine learning and artificial intelligence to recognize anomalies showing up in a network. Sepio’s security system performs hardware profiling based on physical characteristics enhanced by machine learning. It also expedites enterprise-wide policy provisioning enabling fast and focused threat mitigation, and provides up-to-date threat intelligence and incident tracking.
“Our system is learning every second. Our service is running in parallel with the user’s data network and requires minimal resources from the user.”
Depending on the user’s requirements, Sepio can train a system to block devices or just send customers an alert, Appleboum noted.
In February, Sepio was added to the Approved Product List (APL) through the Continuous Diagnostics and Mitigation (CDM) Program, where the Department of Homeland Security (DHS) seeks to provide agencies with the ability to strengthen overall cybersecurity posture of federal networks.