February 18, 2022

Breaking the cycle of the never-ending cat and mouse game of cybersecurity requires a new approach.

The Never-Ending Cat and Mouse Game

The Never-Ending Cat and Mouse Game
Do a quick search on the terms ransomware or cyber-attacks, and you'll quickly realize that the number of attacks and the number of payouts continues to rise at alarming rates. According to Unit 42 Security Consulting Group, the average ransomware payment in 2021 was $570K, a significant increase compared to the average $312K in 2020.

With numbers this high, it's no wonder more and more organizations are scrambling to purchase cyber insurance to protect from these types of attacks.

They may want to hurry because there's plenty of evidence that the rates for cyber insurance are also rising. According to a July 21st article in the Insurance Journal, many cyber insurers are rethinking their business altogether and have started tightening standards, boosting premiums, and slashing how much they're willing to pay for a breach. That may leave many organizations without good insurance options at a time when they need it most.

Today the approach to protecting networks, systems and equipment is to use segmented networks with firewalls and layered network intrusion detection (NIDS) and hardware intrusion detection (HIDS) software, which is designed to detect attacks and, once discovered, attempt to contain or stop the infection and stem its spread further into the organization. It's not a perfect approach, and it requires constant evolution to keep up with the ever-increasing sophistication of attacks by adversarial nation-states, cyber-criminal gangs, or malicious insiders. The constantly shifting landscape and spiraling costs make the defense against attacks a continuous cat and mouse game, with most organizations trying to play catch-up.

This chaos begs the question, is there a different way to protect from these types of attacks? Is layering additional network and hardware intrusion solutions providing any additional value? One fresh approach worth investigating is monitoring involuntary emission (power consumption) patterns. Each device or piece of equipment that consumes power also creates a power pattern.

Electromechanical Emissions Tripwires (EET) is a technology that can be used to monitor the involuntary emissions coming from devices plugged in. Combining the monitoring capability with artificial intelligence and a library of power patterns creates an opportunity to identify common deviations and accurately identify malware attacks such as ransomware. This can be done as soon as the target device or equipment is powered on.

What's truly unique about this approach is that unlike current NID and HID solutions, it doesn't reside on the same network that attackers are working hard to break into. EET sits outside the network as it monitors power patterns. This makes the EET implementation non-intrusive because it doesn't have to be loaded on the network, and in many cases can be considered plug and play. Another benefit isimplementing EET on connected devices and equipment that don't have sufficient resources to run traditional malware detection software. It's a versatile andfresh approach to detecting cyber-attacks and doing so typically far earlier than what might be possible with conventional NID and HID solutions.

Layering EET along with existing NID and HID solutions can be a powerful strategy for managing cyber-threats as we move forward. It's a valuable tool that organizations tasked with protecting critical physical infrastructure such as energy grid, 5G, defense, water supply and many more should be investigating and trialing.