DHS Aims to Help Secure Critical Infrastructure


By Rob Sloan, cybersecurity research director, WSJ Pro

The Department of Homeland Security announced last week it has awarded a $200,000 contract to a Seattle-based startup as part of a plan to harden critical infrastructure cyberdefenses.

One part of DHS’s broad cybersecurity mission is helping critical national infrastructure–sectors such as energy, health care and government–secure networks and data from damaging attacks. An ever-growing number of cybercriminals with an increasing number of tools and techniques ensures this is no easy task.

Through a regular dialogue with CNI sectors, the DHS has compiled a list of defensive gaps in each industry and is working with cybersecurity companies to fund research into potential solutions.

This $200,000 award was made under DHS Science and Technology Directorate’s Next Generation Cyber Infrastructure Apex program. According to DHS, the Apex program will identify, develop, test, evaluate and deploy cutting-edge technologies to deter cyberattacks against the critical sectors. It’s part of a broad strategy meant to help the private sector fend off hackers before they cause a large electrical outage, financial system malfunctions, or other potential crises that could affect the nation.

The financial services sector, which experiences more hacking attempts than perhaps any other field, identified a number of challenges it faces that DHS is seeking to address. Those challenges include “dynamic defense,” which consists of making defensive changes in real time to thwart attacks.

Working on the belief that firewalls and other traditional defenses too often fail, DHS hopes introducing a new layer of complexity will significantly increase the cost of compromising a system.

This contract, awarded to the endpoint detection and response startup Veramine Inc., is meant to better protect financial services with what Veramine has dubbed “cyber-deception” and “moving-target defense” techniques.

Many attackers operate essentially as a business, by investing in hacking tools and trying to monetize stolen information. By making it more difficult to hack companies, Veramine aims to raise the costs for attackers and, ideally, deter them. Where a hacker persists, Veramine attempts to lure the attacker into taking steps that will highlight their intrusion.

Veramine chief executive Jonathan Ness said: “When an attacker compromises a machine, the environment they are operating in is always the same, making it easy for them to move around a network and steal data.” Mr. Ness added: “Veramine will change characteristics of the operating system in ways they don’t expect to make that process significantly more risky.”

The project will build on work Veramine has previously done in this space for the U.S. Air Force, Mr. Ness said.

The bid process for Apex program awards is streamlined to minimize overheads for startups and places greater emphasis on demonstrations of capability rather than lengthy written documents. Projects are run over four phases with the potential for up to $800,000 in funding. In the first phase, Veramine will be expected to produce a proof of concept.

(Rob Sloan is cybersecurity research director at WSJ Pro. Previously, Rob has worked as response director for a specialist IT security consultancy in London and built a team focused on detecting, investigating and protecting against cyber intrusions and responding to incidents, especially state-sponsored attacks. Rob started his career working for the U.K. government, looking at some of the earliest cyberattacks against the critical national infrastructure. Rob’s main interest is the requirements, motivations and technical capabilities of threat actors.)