What technology dares to compete with global hackers?

◎ Science and Technology Daily reporter Hu Dingkun

Recently, a reporter from Science and Technology Daily encountered a network security company called "Cyber 2.0" at the "Cybertech 2022" summit in Israel. The company has made a name for itself because it hosts hacking challenges every year, and any hacker who can break through its cyber defense system will receive a huge reward of $100,000. In the past 4 years of competitions, more than 5,500 hackers around the world have carried out millions of cyber attacks, but no one has been able to take away the prize money so far.

What kind of technology gives it the confidence to take on hackers around the world? With this question in mind, the reporter interviewed Snell Rosenfeld, CEO of Cyber 2.0, and Erez Kaplan Haylean, the inventor of the cyber defense system and the company's chief technology officer.

In 2018, Cyber 2.0 hosted a hacker challenge in Israel.

Where is the traditional cyber defense system weak?

"The traditional network defense system is based on a biological model, and determines whether a program is a computer virus by detecting signature codes, which is somewhat similar to the detection of the novel coronavirus." Snell told reporters that a traditional network defense system only takes measures to stop a virus from spreading across the networks of enterprises, institutions and other organizations after the virus has been found.

Snell said the technology is no longer able to cope with the current cybersecurity situation. On the one hand, it can only detect and defend against viruses that exploit known vulnerabilities, and cannot discover new viruses based on "zero-day vulnerabilities" that have not yet been disclosed. At present, new viruses are emerging very quickly, every day and even every second. On the other hand, many computer viruses can shut down and remove the network defense system on an infected computer, which makes it easy for them to spread from that computer to the entire network of the organization it belongs to.

The reporter learned that computer viruses seen in major cyber attacks around the world in recent years often have these capabilities. For example, the DarkSide ransomware that struck the U.S. oil pipeline system in 2021 could exploit multiple vulnerabilities to gain initial access, while also uninstalling and removing a variety of security software.

How to prevent viruses without detection?

"Since the traditional cyber defense system cannot achieve 100 percent, it is necessary to use a new technical route." Mr. Erez said that throughout his long career, he has been thinking about how to develop a breakthrough technology that can fully protect against cyberattacks.

According to Snell and Erez, the core technologies of Cyber 2.0 are zero trust and mathematical chaos algorithms. Zero trust means that the system does not trust any program by default. Instead, it scans all the software on the computer with artificial intelligence algorithms and generates a "whitelist" of software that is allowed to use network resources, based on customer requirements and software security.

The chaos algorithm technology means that a "mathematical chaos algorithm engine" is installed on every computer in the protected network. When data flows between two computers in the network, the network traffic of whitelisted software is "scrambled" by the engine with a mathematical chaos algorithm before it leaves one computer, and must be correctly "descrambled" by the same engine's reverse algorithm before it can enter the next computer. Programs outside the whitelist are treated differently: their network traffic is not "scrambled" on the way out, but it still has to be "descrambled" when it flows into other computers. Because it was never "scrambled", the "descrambling" inevitably fails and the traffic is "rejected".

Snell stressed that Cyber 2.0 does not detect viruses to defend against viruses, but blocks all programs outside the whitelist, including the latest type of virus based on "zero-day vulnerabilities". Therefore, even if a computer virus successfully infects a computer on an organization's internal network protected by Cyber 2.0, it cannot continue to infect other devices connected to that computer and cannot spread to the entire network.

The reporter learned that the well-known Israeli media outlet "Jerusalem Post" is one of Cyber 2.0's customers. In 2020, the organization was attacked by a new type of ransomware that was appearing for the first time. After successfully invading one computer, the virus tried to spread to the organization's entire network, but was found and blocked by Cyber 2.0.

In 2019, Cyber 2.0 hosted a hacker challenge in the United States.

Why can't hackers around the world crack it?

"At present, no one has been able to crack the Cyber 2.0 defense system. We have developed this system, and there is no way to break it." Erez said that mathematical chaos algorithms are unbreakable, and the "scrambling" and "descrambling" methods of Cyber 2.0 will change randomly, without regularity.

So, since it is difficult to break, is it possible for a virus to spread throughout the network by bypassing or shutting down the Cyber 2.0 defense system on the infected computer? The answer is no. Snell and his colleagues explained that even if the virus uninstalls Cyber 2.0 from one computer, its traffic still has to pass the "descrambling" of the "mathematical chaos algorithm engine" on the other computers as it tries to propagate across the network. Because that traffic was never "scrambled", the "descrambling" will still fail and the propagation will not succeed.
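The gate described above (whitelisted traffic scrambled on exit, everything descrambled on entry, including traffic from a computer whose engine has been removed) can be modelled in a few lines. This is an added example, not Cyber 2.0's code: the `Engine` class, the shared key and the program names are hypothetical, and an HMAC-SHA256 keystream plus tag stands in for the undisclosed chaos algorithm.

```python
import hashlib
import hmac
import os

NONCE_LEN, TAG_LEN = 12, 32

def _keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    # Stand-in scrambler: HMAC-SHA256 in counter mode, not a chaos algorithm.
    blocks = (hmac.new(key, b"ks" + nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def _xor(data: bytes, stream: bytes) -> bytes:
    return bytes(a ^ b for a, b in zip(data, stream))

class Engine:
    """Hypothetical per-computer engine holding a network-wide key and a whitelist."""

    def __init__(self, key: bytes, whitelist: set, installed: bool = True):
        self.key, self.whitelist, self.installed = key, whitelist, installed

    def send(self, program: str, payload: bytes) -> bytes:
        # Only whitelisted programs on a computer with a working engine are scrambled.
        if not self.installed or program not in self.whitelist:
            return payload
        nonce = os.urandom(NONCE_LEN)
        body = _xor(payload, _keystream(self.key, nonce, len(payload)))
        tag = hmac.new(self.key, b"tag" + nonce + body, hashlib.sha256).digest()
        return nonce + body + tag

    def receive(self, wire: bytes):
        # Every inbound message is descrambled; None means the traffic is rejected.
        if len(wire) < NONCE_LEN + TAG_LEN:
            return None
        nonce, body, tag = wire[:NONCE_LEN], wire[NONCE_LEN:-TAG_LEN], wire[-TAG_LEN:]
        expected = hmac.new(self.key, b"tag" + nonce + body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            return None
        return _xor(body, _keystream(self.key, nonce, len(body)))

def demo() -> dict:
    key = os.urandom(32)          # constructed sample key
    allowed = {"backup-agent"}    # constructed whitelist
    a, b = Engine(key, allowed), Engine(key, allowed)
    stripped = Engine(key, allowed, installed=False)  # engine uninstalled on this computer
    return {
        "whitelisted": b.receive(a.send("backup-agent", b"nightly job")),
        "unlisted": b.receive(a.send("dropper", b"x" * 64)),
        "engine_removed": b.receive(stripped.send("backup-agent", b"y" * 64)),
    }
```

In this model a receiver can only "fail" a descramble if the wire format carries something it can verify, here the tag; a bare keystream XOR would turn unscrambled traffic into garbage rather than reject it.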

From 2018 to 2021, Snell said, the company held four hacker challenges, the first two in Israel and the United States and the last two online. More than 5,500 hackers from more than 30 countries, including members of the world's top cyber forces, took part and launched millions of cyber attacks in total, none of which successfully breached Cyber 2.0. In June, the company plans to host its fifth challenge in India.

Cyber 2.0 is the only disruptive technology in the world that can comprehensively defend against the spread of all viruses, including unknown viruses, and has been widely used in major water treatment plants and some government agencies in Israel, successfully defending against many large-scale cyber attacks. At present, the company is studying the use of this technology in the cyber defense of smart cars, airplanes, ships and mobile devices such as mobile phones.

Source: Science and Technology Daily. The images in the article are provided by Cyber 2.0.

Editor: Liu Yiyang

Review: Julie

Final Judgement: Wang Yu
