Chip giant ARM buys Israeli Internet of Things security firm for approx $85m

Sansa Security’s embedded cyber-security system will help ARM expand its protection of network-connected devices, say the companies

Sansa Security's Koby Sella discusses Internet of Things security (Courtesy)
Sansa Security's Koby Sella discusses Internet of Things security (Courtesy)

UK-based chip and systems maker ARM announced Thursday that it was acquiring Israel’s Sansa Security, which specializes in protective cyber-security systems for embedded chips.

Embedded chips power the Internet of Things (IoT), the networked infrastructure that connects billions of standalone devices, appliances, and objects to servers, where data is sent back and forth in order to enhance user experience and value.

The value of the deal was not disclosed, although previous reports had pegged its value at between $85 million and $100 million. With the acquisition, ARM will be establishing its first Israeli research and development center. ARM had been one of the few multinational tech giants not to have had an Israeli presence.

By the end of the decade, industry experts say, there could be as many as 50 billion wired and connected “things” in the world – with refrigerators, washing machines, fitness devices, and even lightbulbs and home lighting systems connected to the Internet.

These appliances will receive instructions from a central server designed to increase their efficiency, functionality and ease of use, based on data uploaded to the server on how the consumer is utilizing the item. Thus, a “smart” IoT refrigerator will be able to sense if a user is low on milk and send that data on to the server – and then the server will send a message to the user to pick up milk on the next trip to the market.

IoT promises an unprecedented era of convenience for consumers – and an unprecedented era of hacking opportunities as well. The latest example of a mass IoT danger came just last week, in a by-now world famous incident outlined in an article and accompanying video in Wired Magazine, which describes how white-hat hackers Charlie Miller and Chris Valasek took control of a Chrysler Jeep vehicle being driven at top speed by Wired journalist Andy Greenberg.

As Greenberg drove down a busy highway, Miller and Valasek turned the radio on full-blast, ran the air conditioner and took control of the accelerator – scaring Greenberg to the point where he was forced to “drop any semblance of bravery, grab my iPhone with a clammy fist, and beg the hackers to make it stop.”

To carry out the hack, the two relied entirely on the Jeep’s wifi connection, exploiting a weakness in Chrysler’s Uconnect software, which allows connection to the Internet in hundreds of thousands of Chrysler and Fiat vehicles already on the road. All a hacker has to do is identify a vehicle’s IP address – it has to have one in order to access the Internet – and the rest is by-the-book scripting, similar to taking control of a remote computer, smartphone, or any other Internet of Things-connected device.

While Miller and Valasek carried out the Jeep hack to prove a point to the car industry – that it needs to be much more aware of security – the method they used would apply to any connected device. Sansa’s systems are designed to counter threats like that, providing embedded security that allows servers to examine the connections being made to an IoT-connected object and to prevent its unauthorized or improper use.

“Any connected device could be a target for a malicious attack, so we must embed security at every potential attack point,” said Mike Muller, CTO of ARM. “Protection against hackers works best when it is multi-layered, so we are extending our security technology capability into hardware subsystems and trusted software. This means our partners will be able to license a comprehensive security suite from a single source.”

Sansa already works with ARM, as well as other international giants such as LG, Freescale, Google and Qualcomm, and its security systems are installed in more than 150 million products a year.

“Our technology is already being used to protect data gathered and transmitted by a multitude of IoT and mobile devices,” said Coby Sella, CEO of Sansa Security. “Joining ARM will enable us to scale the business by helping ARM’s global technology partners to address their most pressing security needs. Aligning what we do with the world’s leading IP company allows us to develop our products and capability to new levels.”

read more: