AI-generating malware, deepfake identity spoofing, and state-sponsored ransomware are just a few of the latest methods that attackers are using to bypass traditional cybersecurity tools. Ritesh Agrawal, CEO of cybersecurity startup Airgap Networks, noticed that many of the attacks that compromise enterprise networks fail to penetrate telco and service provider networks.
“Even though they’re deploying the same routers, switches, and firewalls, there’s something fundamentally different about telco networks that shields them from many threats to enterprise LANs,” Agrawal said. Agrawal has 20 years of experience with cybersecurity, enterprise networking, and cloud computing, most of that time spent with Juniper Networks specializing in telco and large enterprise clients.
“I found that the fundamental difference in service provider, and especially telco subscriber, networks is that one user doesn’t affect other users because they’re in a zero-trust environment. I can text you or Zoom with you, but my phone cannot talk to your phone on a network level,” Agrawal noted.
His insights about the different security profile of telco versus enterprise networks led Agrawal and several of his Juniper colleagues to found Airgap Networks in 2019. Since their launch, the startup has raised seed and Series A funding, developed a “ransomware kill switch,” and attracted several on-the-record customers, including Dropbox and Skyline Enterprises.
Airgap recently received more than $4 million in follow-on funding to its Series A round, which brings its total funding to $23 million. Storm Ventures is the lead investor. Other investors include Cervin, Engineering Capital, Sorenson Ventures, and individual investors.
Airgap’s kill switch is designed to stop ransomware with a single click
According to Agrawal, nothing illustrates the divide between enterprise and telco networks like ransomware. While telco networks are segmented in a way that makes it difficult for malware to spread from system to system, enterprises are often caught flat-footed when ransomware hits, with technicians running around data centers pulling cables to try to isolate infected machines. Meanwhile, as enterprises continue to address the problem with outdated tools and manual methods, attackers are getting more sophisticated, leveraging AI and machine learning, which pushes the cost of ransomware attacks higher.
According to a report from Cybersecurity Ventures, by 2031 a ransomware attack will hit every 2 seconds, and, in total, ransomware will cost victims $265 billion each year. The recent ransomware attack on MGM Resorts International illustrates just how damaging these attacks can be. Attackers penetrated MGM’s networks via a simple phishing call to a help desk, and once their ransomware spread, a range of business-critical systems were shut down, from ATMs to casino gaming machines to hotel keycard systems. The attack continued to disrupt operations for at least 10 days.
Airgap Networks has developed a ransomware kill switch, a one-click button in the Airgap management dashboard that blocks all lateral device-to-device communications, while also blocking network-level communications among workstations and applications.
As an organization’s incident response team begins to counter the attack, they can bring machines and critical systems that have been vetted and confirmed as uncompromised back online incrementally. Once the ransomware has been fully eradicated, one click restores normal network policies and operations.
Airgap’s zero-trust platform relies on microsegmentation
The foundation of Airgap Networks’ cloud-based cybersecurity service is its Zero Trust Firewall (ZTF), which is designed to protect the enterprise network core and mission-critical assets. The basic idea, as the startup’s name implies, is to virtually airgap critical infrastructure and devices in software via what the startup calls “agentless microsegmentation.”
The trouble with traditional LAN architectures is that enterprise endpoints are typically grouped into unrestricted enterprise VLANs, where they’re free to communicate with one another. Enterprises keep ports open on various networked devices to enable free communications between endpoints and servers for business-critical traffic.
Unfortunately, permitting free and open network-level communications creates massive vulnerabilities. Every unrestricted open port increases the enterprise’s attack surface, and lateral device-to-device communications make it easy for malware to spread quickly throughout the organization. The security gaps in the typical enterprise LAN are understood by cybercriminals, who exploit open network communications to stage successful attacks.
To address these issues, Airgap’s Zero Trust Isolation technology blocks all unauthorized lateral movement within the LAN. Airgap microsegmentation wraps a policy-based security perimeter around each workload that defines which other workloads it can communicate with and how.
Airgap also prevents any lateral scanning attempts. If an intruder breaches the perimeter security, exploits a misconfiguration, or tricks an insider via social engineering, the attacker will gain only limited, restricted access.
Airgap ZTF extends SSO/MFA authentication to a range of critical assets that are often poorly protected, including SCADA, ICS, OT, IoT, and legacy devices. It fully segments every endpoint, authenticates machine-to-machine communications, and provides AI- and ML-driven threat detection.
To improve its ability to discover and manage connected devices, Airgap acquired NetSpyGlass, a network and asset intelligence solution provider, in June 2023. Because today’s enterprise networks are highly dynamic, discovery and visibility tools often miss many connected assets. Every acquisition, addition of a new campus or branch, or even just the moving of equipment between facilities creates changes that escape notice. Thus, many enterprises have no idea what’s connected to their networks or where everything is on them.
NetSpyGlass capabilities are integrated into the Airgap ZTF, giving it better visibility into core networks with varying topologies. “The greater the accuracy of asset discovery in these systems, the shorter the response time,” said Agrawal. The integration also adds the ability to deliver detailed insights into system status, attributes, and interactions, helping administrators pinpoint risky devices.
To provide advance warning of threats to critical infrastructure, Airgap has also developed an AI-powered threat detection and response tool, ThreatGPT. This tool uses a combination of graph databases and GPT-3 models to deliver cybersecurity insights to IT teams. ThreatGPT integrates contextual information, such as user identity and system type, for accurate detection and fewer false positives. It also includes a natural-language interface, so administrators can ask questions and get recommendations via plain English queries.
A networking company disguised as a security company
Agrawal contends that the reason enterprises continue to struggle with security gaps in enterprise networks, year after year, is that LANs rely on outdated technologies. “The LAN environment for enterprises is 30 or 40 years old,” Agrawal said. “VLANs were invented in 1984.”
While zero trust and microsegmentation are their value propositions today, these are only two steps on Airgap’s long-term roadmap. As the company grows, Airgap’s roadmap puts it on a path to expand beyond security and add networking capabilities, as well. “We’re a networking company disguised as a security company,” Agrawal said. “Our goal is to own and innovate the enterprise LAN, which represents a multi-billion-dollar market opportunity.”
This roadmap will eventually put Airgap Networks on a collision course with a few big incumbents. Today, Airgap competes with a range of cybersecurity companies, from traditional firewall vendors to zero-trust providers to access control companies. However, if the company achieves its goal of rearchitecting the enterprise LAN, it will eventually go head-to-head with the likes of Cisco and Juniper.
Airgap Networks at a glance
Year founded: 2019
Funding: $23 million from Storm Ventures, Cervin, Engineering Capital, Sorenson Ventures, and individual investors
Headquarters: Santa Clara, Calif.
CEO: Ritesh Agrawal
What they do: Provide a Zero Trust Firewall (ZTF) for critical infrastructure
Competitors include: Authentic8, BetterCloud, Duo Security, Elisity, Okta, Mesh Security, Xage Security
Named customers: Dropbox, KCAS, Tillys, and Skyline Enterprises
Copyright © 2023 IDG Communications, Inc.