THE PROBLEM

The use of malicious hardware by cyber offenders is growing rapidly. Rogue devices that are implanted by insiders or delivered through manipulated supply chains are not mitigated by competing cyber-security tools.

Hacking into an air-gapped network using a malicious peripheral device

  • Researchers discovered classified documents of a large utility operator on the internet
  • An infected mouse was delivered (as part of a larger shipment) with the same make and model as others in the organization
  • Inside the casing was a miniature USB hub interconnecting the existing mouse circuitry and a Raspberry Pi computer
  • When plugged in, the infected device was detected by the host PC as a combination of a fully functional mouse and a keyboard
  • The infected mouse had a wireless interface, so it could be operated out-of-band and bypass the air gap

HARDWARE CYBER RESILIENCE

XBAND provides complete mitigation for malicious hardware attacks before they can cause any harm.

FINGERPRINTING

Hardware profiling based on physical-layer characteristics, enhanced by machine learning.

MITIGATING

Intuitive, enterprise-wide policy provisioning enabling fast and focused threat mitigation.

REPORTING

Up-to-date threat intelligence, actionable information and real-time incident tracking.

COMPLETE MITIGATION FOR MALICIOUS HARDWARE ATTACKS BEFORE THEY CAN CAUSE ANY HARM

YOUR NEXT CYBER INCIDENT MAY BE HIDING IN PLAIN SIGHT…

Discovery of rogue devices and ghost devices

Hardware fingerprinting and behavior analytics

Alert and block any usage breach or attack attempt

Granular security policies at the device level

Cloud-based threat intelligence and early warning

DETECTION & MITIGATION

ROGUE HARDWARE

INVISIBLE NETWORK DEVICES

MANIPULATED FIRMWARE

Hardware Attacks in the News

Attacks Are Coming

Regulation is Coming

Tier 1 Bank Leaking Data; Attackers used Transparent Network Devices

  • Attackers gained continuous and invisible access to the secured network
  • Unsuccessful investigations led the bank to seek out and utilize the platform
  • The attackers used the Proxicast PocketPORT2 mobile router
  • The devices were configured to run in virtual cable mode using a remote switchboard server, thus leaving no traces
  • The attack setup is invisible to Intrusion Detection Systems (IDS), Network Access Control (NAC), and other industry tools

STOP These Attacks Now!

Insider Threat

Employees who bring uncontrolled devices into the environment

Supply Chain Attack

Devices are exchanged or manipulated on the way to the enterprise

Advanced Persistent Threats

People with physical access are being socially engineered to carry the infection in
