Thursday Sep 12, 2013 by Dennis Keohane - Staff Writer, VentureFizz
You know that famous scene in Mission:Impossible where Tom Cruise drops into a top secret room through the ceiling, the one that has been parodied almost hundreds of times.
The entire premise is kind of hilarious looking back. Tom Cruise drops into a secured computer room at the CIA headquarters to break into a computer, a standalone desktop surrounded by insane security measures no less. He downloads some top secret data and barely escapes with a hard copy of that disk of classified material.
The scene is pretty humorous looking back at it today, and outdated for two different reasons. First, I mean, hacking into a locked down computer in a room somewhere? That seems like a premise that is decades old. As has been seen with the recent press coverage of cyber attacks at the New York Times and Twitter, hackers don't need a Hollywood-type escapade to break into some of the more important networks and websites these days.
Second, if the scene were to be an accurate portrayal of cyber security today, when Cruise's character "spider drops" into the secret room evading a laundry-list of outrageous technologies, he wouldn't be alone. CounterTack would be there waiting for him.
What is CounterTack?
Besides being one of the fast-growing security companies in Boston, here is what I know:
1. The company is not only at the front-line of cyber security, they are the cyber world's secret agents as well.
2. The folks running and working CounterTack are serious about protecting intelligence, intellectual property, privacy, and personal information.
3. These guys are smart, with years of cyber security and military experience behind them, but they are also the badass cloak-and-dagger types of the twenty-first century.
Changing World of Cyber Security
The world of security has undergone a significant evolution over the past fifteen years.
During the 80’s and 90’s, most computer viruses, while part of the cultural consciousness, were often nothing more than nuisances for Windows operating system users, with some rare exceptions. Out of this era, companies like McAfee and Symantec leveraged the fear of viruses into pretty successful businesses.
However, since 2004, that world changed, as CounterTack’s CEO Neal Creighton explained. Hacking today is a more professional activity with much different participants than the hackers and virus makers who were mostly out to have fun and wreak a little havoc in the 80’s and 90’s.
As Creighton said, cyber security now has to defend against attacks from three very different types of groups with differing agendas: state sponsored cyber threats, hactivists, and the criminal element.
He explained that with state sponsored attacks, “Each state develops its own capabilities. The US has its own capabilities, China has it own capabilities...it has become a way to gather information without doing something where you are causing harm physically."
The main goal of state sponsored cyber attacks is to “get all kinds of great intelligence, all kinds of great intellectual property, to gain an a competitive advantage for your country,” Creighton added.
Hactavists like Anonymous are a more imposing threat than they would have been years ago because, as Creighton explained, “They have much greater tools, as well as anonymity.”
“It’s easier to get all the hacking tools that you need. There are malware as a service tools that have popped up all over the internet. You can go and order malware just like a SaaS company.”
The access to more readily available and harmful cyber attack tools has also benefited from organized crime groups. “The problem that we have internationally with organized crime,” Crieghton said, “is that they have access to the same tools that hactivists have access to, but they are in it for profit.”
The methods that cyber attackers use has changed since 2004 as well, while the defense mechanisms have been slow to evolve.
As Creighton explained it, “We went from these bulk viruses to these very specific and sophisticated malware and attack structures, and the antivirus market didn’t detect any of these things.”
“Attack methods got ahead of the defense methods,” he added.
To respond to the growing threat of cyber attacks, security companies built better firewalls, and tools that could inspect a network for weaknesses.
As Creighton said, “We did it well, but even with the advance on the network side, the attacks are getting worse.”
Countertack was created in 2004 by former NeuralIQ founder Alan Capalik to take a different, more offensive approach to securing networks. Capalik, who moved to the US from Yugoslavia in the 90’s, figured that the best place to protect against cyber threats was at the endpoints, workstations for example.
As Creighton explained, the company decided to “forget what [a threat] looks like and see how it behaves once it hits the operating system.”
“If we can be covert and underneath the hacker so they can’t see us,” he said, “and if we can see everything that they do to an operating system, we can understand what manipulations have to happen to the system for that machine to be taken over. We can detect very quickly that the attack is happening.”
CounterTack tracks hackers down in operating systems, and learns the methods they are using before shutting them down. By building a database of various attack attempts and tools, Countertack quickly find similarities in networks to stop a threat before it can do harm. This is quite a different approach than trying to block attacks with firewalls that are becoming increasingly less effective against new hacking methods.
“It’s a totally radical way of thinking,” Creighton said. “You will get infected. The name of the game is the time between infection and detection. If we can bring it down to 90 seconds, a minute, or an hour versus the three months or even sometimes the year we are seeing these attacks happening over now, we can stop the attack.”
“We have developed technology built on that premise,” he added.
Behind and Ahead of CounterTack
The company made a huge leap in 2008 when William Fallon, a retired Navy admiral who was the Commander of the US Central Command from March 2007 to March 2008, joined CounterTack after meeting the founding team at MIT. Fallon, whose name and military career may be familiar, was teaching at MIT and immediately realized the importance of CounterTack's product to national security. So he helped the company raise $8 million and stayed on as an advisor.
In 2011, Fairhaven Capital was part of a Series A round of funding that invested $9.5 in CounterTack. As Fairhaven's Mark Hatfield explained, he was attracted to the company because "the whole premise that bad actors or the bad guys are already in your network, was, at the the time of our investment, something quite novel."
"It has since been proven out," Hatfield said. "They were the first people talking about how all the money being spent on security focused on building up a wall and focusing on that wall, when the bad guys were showing up with a 'ladder' to jump over the wall. Building the wall costs a lot more money than bringing a ladder to scale the wall."
Hatfield continued, "At the end of the day, people got over or around the wall. So then we need to spend time, money, and energy to build a bigger wall, and the bad guys show up with a bigger ladder."
"It's constant," he added, "You are never catching up to them."
In CounterTack, he saw something different. "It's the only technology out there to help organizations see and manage cyber attacks."
Recently, CounterTack announced a big deal with SK Infosec, the massive South Korean information security services provider. Partnering with SK is impressive because SK, a vital security company for South Korea, which is constantly under siege from North Korean cyber attacks, believes strongly enough in CounterTack's capabilities to help them manage the North Korean threats.
More than anything, CounterTack is important because of the high level of threat that we are learning about everyday, whether it be with the recent Syria cyber attacks or other nefarious parties.
It is good to know that one very innovative and dedicated local company is at the forefront of helping to protect our personal security and our nation.