SA start-up Snode steps up war on cyber crooks

November 23, 2016



Source: TechCentral

 

One of the biggest problems with identifying cybersecurity breaches is knowing that they happened at all. Too often, attackers breach companies’ defences and remain undetected — until it’s too late.

A new South African start-up, Snode, incubated by fast-growing South African fintech company Hello Group but now spun off as its own business, has developed a solution that it believes will help IT departments identify suspicious behaviour as it’s happening, even when traditional security measures like firewalls fail to stop intruders.

Snode, which was founded by cybersecurity expert Nithen Naidoo, has developed technology that alerts companies to the tell-tale signs that a cyberattack might be about to take place.

“If you are looking for fraud only at the point where it occurred, you will always be reactive,” Naidoo said. “But if you can predict the fraud by looking at precursor patterns, you can prevent it and become proactive in your response.”

Hello Group CEO Nadir Khamissa said Naidoo became involved with the company about 10 years ago to help it root out cybersecurity breaches and shore up its cyber defences. He became even more involved as the company moved into mobile money transfer with Hello Paisa.

Hello Group, which has provided venture capital funding to Snode, needed something beyond basic firewall and signature (username and password) security mechanisms. “We needed something to understand patterns of behaviour, which is something we could not buy.”

Naidoo built technologies that passively “sniff” all of a company’s network data, differentiating between different types of traffic going through the network in real time using “deep-packet inspection”.

"The technology is “aware” of the start and end point of every packet of data, both internal and external," Khamissa said. “This is imperative to be able to understand patterns of behaviour. This enormous volume of data gets put into machine-learning algorithms that understand the patterns and is then overlaid with the expected or traditional behaviour of a user to identify anomalies.”

The problem with most security solutions is the analyst interface “turns into a Christmas tree” of alerts — most of them false alarms — defeating the purpose, he said. “We have invested in pattern-recognition technologies to avoid these false positives. Snode understands patterns of behaviour and eliminates those.”

Snode, Khamissa said, doesn’t replace firewalls and username-and-password-based security mechanisms. Rather, it is a layer on top of those solutions to help companies understand and identify behaviour and vulnerabilities.

“Snode at its core uses mathematics to detect anomalies and patterns in any type of data from any source and understand the behavioural patterns of normal behaviour from abnormal behaviour,” explained Naidoo.

“Just your presence on the network leaves a trace and affects the network in a certain way. Snode understands your systems environment and it has a signature for it. It identifies any stray from what it deems normal behaviour.At some point in the early stage of a cyberattack, there would have to be some form of reconnaissance. Snode actively looks for this, whether it’s a hacker doing a port scan, or an employee accessing a system they don’t normally access,” he said. “It does this in real time, with in-flight analytics.”

Although Snode can’t analyse encrypted network traffic, it can still pick up anomalies. “If my encrypted channel suddenly does 2GB of traffic at 2am, that’s an anomaly. Sure, you can mask your identity in various ways, but no matter you do, you are going to influence the system.”

Khamissa said Snode uses machine-learning algorithms to augment human efforts to defend digital networks. “The good guys are completely outgunned in the cyberwar. Attackers are highly motivated and mechanised. In the defence, you typically have a junior guy in IT patching servers, looking at endless alerts. To notch up your defence capabilities, you need something like Snode to augment the defenders of your networks.”

After developing the solution inside Hello Group for many years, it has now been “productised” to be sold to other companies.

Snode has run the solution in various iterations with PricewaterhouseCoopers over the past three years. PwC will now take the product to market as the company’s first reseller partner. It also has customers in South Africa, Nigeria, the UK and Australia.

“Our focus is really on South Africa for now, but we have been getting a lot of requests from abroad,” said Khamissa.

The key industry it intends focusing on is financial services, he said.

Previous

How this startup is hoping to change the face of cybersecurity in SA

November 3, 2016

Source: SME South Africa   Cybersecurity in South Africa is increasingly being regarded as a lucrative market for tech startups to get into with a growing number of startups taking up opportunities in the threat market. In the US, where the increasing wave of cyber attacks has been receiving huge attention, a large platoon of startups has steadily been coming into the industry over the past number of years to take a bite of the flourishing market. Gartner, Inc reported that global cybersecurity market topped the $75 billion mark in 2015 and is expected to reach $170 billion by 2020, while the Ponemon Institute revealed that 92% of Forbes Global 2000 companies reported data breaches in the past year. The recent attack involving Standard Bank, which lost a reported R300 million shows that this is also a concern in emerging markets. Up to 7% of all South African organisations experienced a cyber attack in the last year according to security firm Kaspersky Lab and according to the South African Banking Risk Information Centre (SABRIC), South Africans lose in excess of R2.2 billion annually to internet fraud and phishing attacks. Newly-launched cybersecurity startup, Snode is one of these tech startups that are looking to tap into and take advantage of Africa’s cybersecurity market that is predicted to be worth over $2.32 billion in 2020. Cyber criminals are now, more than ever, turning their attention to emerging markets which they perceive to be easy, yet lucrative, targets, says Nithen Naidoo, CIO and founder of Snode. “The company believes it provides a much needed service in South Africa.”   Who is Snode Snode is a cyber intelligence solution startup that helps businesses protect themselves by providing real-time intelligence. They use advanced mathematical algorithms, the processing power of learning machines, and predictive analytics to provide insights into behavioural patterns, which they say will help identify and combat cyber threats before potential breaches occur. Snode has a team of over 12 consultants spread across offices in Johannesburg and London and the company has recently secured VC funding from Johannesburg-based telecommunications company, Hello Group. SME South Africa speaks with Naidoo about the biggest failings of cybersecurity startups in SA and why thinking outside the box is key for how they are hoping to change the face of cybersecurity in the country.   Opportunities that cyber threat has created for security startups in South Africa. I think South Africa has a history of innovation. Our current landscape means we work within certain constrains. We design solutions very elegantly without even knowing it because of these constrains. Bandwidth in South Africa is expensive and it’s limited, so all our technologies seem to be produced in a very bandwidth efficient way. I think the cybersecurity industry globally is looking for more innovative solutions. People always talk about increased spend on cybersecurity, however, I don’t necessarily think that increased spend is the answer. I think innovation is the answer. There’s a great scope in cybersecurity for young individuals who are looking to apply their minds and come up with innovative solutions that not only solve a South African problem but solves a global problem.   The biggest failing of most cybersecurity startups I can honestly talk from experience. My initial business took a very long time to take off because of some fundamental 101 mistakes. I think the biggest mistake was scalability. Taking any product or service to market you’ve got to look for two things – leverage and scalability. I may have got the leverage right because I was in cybersecurity industry for such a long time I was leveraging my experience, I was leveraging the contacts I had in that industry and I was leveraging the insights I had to bring me to market.   “The internet takes us out of the physical location. Your corner shop suddenly becomes a shop on every corner all over the world”   But I got scalability wrong – I did it in the form of consulting. Quite simply, I can sell an hour to an organisation in the form of consulting, but there’s only eight hours in a day. So I’ve already chosen a way forward that had limitations whereas if I had to look at the world of product, which is what Snode is, I get to touch lives of people across the globe without restriction, without limitation. If a young entrepreneur wanted to take away two valuable lessons that took me five years to understand – it’s one, look for scalability and two is to embrace channels like the internet, like social media and look for ways to grow your business globally. Think locally, act globally.   How Snode is impacting the local security ecosystem Although Snode has various applications in various vertical market segments our target market seems to have chosen us. The mining sector particularly likes Snode because it’s a passive technology. In a mining business you have a lot of sensitive infrastructure also that mining industries don’t want to risk downtime. Snode is very low risk to implement in the most sensitive of environments. Yet it provides you with all the insights you need to defend your business against emerging cyber threats. In financial services, not only are the learning capabilities, pattern recognition and behavioral analytics built to detect cyber threats but they can very easily be applied to detect patterns of fraud within transactional data. So taking the Snode technologies application out of the pure cyber world and applying it to ATM fraud, for example. Other industries [where we are having an impact] are defense, the professional services sector as well as the public sector.   How they are impacting public perception If you speak to many cybersecurity firms whether they be providing a service or product, they’ll tell you attack is inevitable and that’s how the public perceive the cyber landscape today, ‘It’s inevitable that I will be attacked’. But we need to be given the freedom to embrace technology and not be hindered by fear and the first place where this battle is fought is in user awareness. If I had to look at the root cause or the most effective way to combat most of today’s cybersecurity threats it would start at user awareness.   How we are educating the market We started market education without even knowing it at Snode. Earlier you spoke to an actual client of Snode [Hello Group] and as a client the insights we provided him raised his awareness to the cybersecurity problem which made him want to invest in a cybersecurity solution startup. He realised the gravity of the problem and he realised the application of the solution. That happens every time we deploy a Snode technology in a client environment. And by exposing what is happening within the environment and exposing what is happening outside the environment the client becomes more educated.   How we got our Funding We’ve been very fortunate with funding recently, once we solidified our concept within Snode. There is a lot of funding available to young entrepreneurs and older entrepreneurs alike but the foundation of the funding is based on your approach to those investors. Before we partnered with our angel investors Nadir Khamissa and Shazim Khamissa [founders of Hello Group], I got called in by a really big global brand who wanted to take a look at the Snode concept. And although they were blown away by Snode as a product, they were blown away by my team as a group of individuals to actually execute on this plan, where we failed to sell them was on our business acumen.   “If you’re experiencing problems with you business, the first place to look for is innovation”   We couldn’t provide them with answers to basic business questions like what would our expenditure be in the first year, what would our break-even point be going forward, what would our distribution channels look like, what would our sales channels look like, are we going to use direct marketing, are we going to partner, what strategic partners we’d make – and without that information no great idea is going to get funded.   Thinking outside the box Thinking outside the box is important for any startup. If you’re experiencing problems with you business, the first place to look for is innovation. For cybersecurity startups I think there could be a red herring or trap that a lot of the cybersecurity startups could fall into, that of wanting to be in the cybersecurity market because it’s such a growing market and potentially worth a lot in the future. Just being in the cybersecurity market selling the same traditional technology or selling the same traditional ideas or developing a technology that is very similar to exiting technologies in the market space is really not enough. Some of the brands in the cybersecurity market are very well established. If you’re going to go against these brands you need to have a very competitive edge.   How Snode is taking the unconventional route Unlike traditional technologies which evolve in a lab, Snode evolved while we were trying to help our clients. It actually evolved while we were trying to solve a real world problem. We never intended to create a product for market, we were really trying to add value and solve pain points which our customers were experiencing and the technology sort of evolved from there. We found a solution and we managed to productise it and that was the birth of Snode.

Next

Cyber intelligence reveals #FeesMustFall agenda

December 13, 2016

Source: gadget.co.za   Cyber intelligence and analytics specialist, Snode, recently used its tools to analyse the #FeesMustFall protest and delve deeper within Twitter, offering enriched insight beyond 140 characters. Social media platforms such as Twitter may be divisive, but its significance cannot be overlooked. Cyber intelligence and analytics specialist, Snode, believes the potential applications for social media are yet to be fully realised. “As a source of intelligence, Twitter is a valuable source of intelligence and it should be utilised by business and law enforcement. It is an open-source data-rich platform and needs to be leveraged in the best way possible,” notes CIO and co-founder of Snode, Nithen Naidoo. Using the recent #FeesMustFall protests as a case study to showcase the enriched capabilities of cyber intelligence, Snode was able to apply its analytical tools to delve deeper into the anatomy of the Tweets, and even discover that outside influencers were making an impact. The university fee protests are a hot topic of conversation in South Africa. The dialogue is been most prevalent on Twitter, where numerous messages have been exchanged under the guise of creating a discourse around the cost of tertiary education. Interestingly though, Snode’s analysts have unearthed some other key insights not obvious to most people.   Delving deeper To gain a deeper understanding of the underlying forces driving the #FeesMustFall protests, Snode analysts have fused various social media conversations to identify emerging trends associated with, and patterns of behaviour fuelling, this massive campaign. The most telling finding is that many of the tweets did not originate from the same location that the message was referencing. In particular, the majority of tweets mentioning the University of Witwatersrand were found to have been sent from Pretoria, nearly 65 kilometres away. In fact, Snode detected an anomaly in which tweets from South Africa’s capital with the #FeesMustFall hashtag referenced Wits 14 times more than they did in their own city’s university protest. Accompanying this anomaly was the fact that only 3% of #FeesMustFall tweets came from users linked to the @WitsUniversity handle, as opposed to a staggering total of 94% from politically affiliated Twitter accounts. According to Naidoo, it can be inferred that there was another agenda being played out, and the #FeesMustFall protests are being abused by some social media users to draw attention to other topics, ultimately misrepresenting the true aim of students.   True potential While the potential for social media to be misused by a small percentage of users, Snode says that victims of crime and law enforcement have the ability to fight back. The company’s real time processing for example, can dissect a myriad of information contained within a Tweet, including a Twitter user’s (real) name, origin of the Tweet (longitude and latitude), device type (iPhone or Android), and place of residence (e.g. city or hometown). “If users share an image on Twitter for example, the metadata contained within that photo can offer us a wide ranging array of insights,” says Naidoo. “There are a host of AI applications available, such as Russia’s FindFace, which allows users to scan a digital image of someone and then discover their online profile. There are therefore a number of tools on hand to benefit law enforcement as much as they do criminals,” he continued. In the right hands, this kind of machine assisted analytics can empower social media platforms such as Twitter to help make data-driven decisions, notes Naidoo. In the US, a number of American agencies are already using deep analysis within Twitter to track down dissidents, according to Saudi scientist Hala Al-Dosari in a recent interview with Bloomberg Businessweek. “South Africa needs to use available technology correctly, especially when it comes to tackling issues like crime within the country. With regard to socially relevant topics such as the student protests, having cyber intelligence at work can assist in gleaning vital insight. At Snode, we believe having such knowledge can not only help us understand the climate better, but also assist law enforcement and government services to predict and respond to critical events more efficiently,” says Naidoo.