The Never-Ending Cat and Mouse Game
Do a quick search on the terms ransomware or cyber-attacks, and you’ll quickly realize that the number of attacks and the number of payouts continues to rise at alarming rates. According to Unit 42 Security Consulting Group, the average ransomware payment in 2021 was $570K, a significant increase compared to the average $312K in 2020. With numbers this high, it’s no wonder more and more organizations are scrambling to purchase cyber insurance to protect from these types of attacks.
They may want to hurry because there’s plenty of evidence that the rates for cyber insurance are also rising. According to a July 21st article in the Insurance Journal, many cyber insurers are rethinking their business altogether and have started tightening standards, boosting premiums, and slashing how much they’re willing to pay for a breach. That may leave many organizations without good insurance options at a time when they need it most.
Today the approach to protecting networks, systems and equipment is to use segmented networks with firewalls and layered network intrusion detection (NIDS) and hardware intrusion detection (HIDS) software, which is designed to detect attacks and, once discovered, attempt to contain or stop the infection and stem its spread further into the organization. It’s not a perfect approach, and it requires constant evolution to keep up with the ever-increasing sophistication of attacks by adversarial nation-states, cyber-criminal gangs, or malicious insiders. The constantly shifting landscape and spiraling costs make the defense against attacks a continuous cat and mouse game, with most organizations trying to play catch-up.
This chaos begs the question, is there a different way to protect from these types of attacks? Is layering additional network and hardware intrusion solutions providing any additional value? One fresh approach worth investigating is monitoring involuntary emission (power consumption) patterns. Each device or piece of equipment that consumes power also creates a power pattern. Palisade is a technology that can be used to monitor the involuntary emissions coming from devices plugged in. Combining the monitoring capability with artificial intelligence and a library of power patterns creates an opportunity to identify common deviations and accurately identify attacks on boot integrity and recurring system behaviour. This can be done as soon as the target device or equipment is powered on, even before software-based solutions become active.
What’s truly unique about this approach is that unlike current NID and HID solutions, Palisade doesn’t reside on the same network that attackers are working hard to break into. Palisade sits outside the network as it monitors power patterns. This makes the Palisade implementation non-intrusive because it doesn’t have to be loaded on the system, doesn’t alter the network, and in many cases can be considered plug and play. Another benefit is implementing Palisade on connected devices and equipment that don’t have sufficient resources to run traditional malware detection software. Overall, Palisade is a versatile and fresh approach to detecting cyber-attacks and doing so typically far earlier than what might be possible with conventional NID and HID solutions.
Layering Palisade along with existing NID and HID solutions can be a powerful strategy for managing cyber-threats as we move forward. It’s a valuable tool that organizations tasked with protecting critical physical infrastructure such as energy grid,5G, defense, water supply and many more should be investigating and trialing.