To fight cyber-threats, get ‘Paranoid,’ says Israeli expert

To survive in today’s cyber-jungle, you need to be a little paranoid – and that’s exactly how Nir Gaist, CEO of Israeli cyber-security firm Nyotron, wants you to feel.

Or rather, leave that feeling to Nyotron’s security system, called Paranoid, which Gaist promises is one of the best cyber-security systems on the market today. “Our technology is used in most of the sensitive installations in Israel and in many other countries,” said Gaist, whose firm recently raised $10 million in a third funding round. “If it’s important from a business, government, defense, or infrastructure point of view, we are probably there.”

Paranoid gets its name from the way it regards almost anything happening on a client computer or server; the system examines every event that occurs and evaluates it for risk analysis. Some activities are expected, given the context of what a computer is doing; when a user opens a known application, code fills computer memory in expected ways, and Paranoid marks that routine activity as a low-risk one.

But some activities are higher risk – and some, the system decides, are downright dangerous. These are evaluated for risk, and Paranoid will either alert the user that an activity requires attention and verification, or it will prevent that activity from taking place at all. Paranoid learns as it goes, with all data transferred to the Paranoid Server in a secured proprietary protocol. Administrators can examine what is happening using a special interface, and can adjust alarms, alerts, and actions as needed to allow or ban specific activities. The whole thing operates in stealth mode, as a service, so the end user is not aware of it and cannot interfere with its functionality.

For Gaist, the world is very black and white; there are good activities and bad ones, and he prefers to err on the side of caution when deciding where an activity ends up. “The detected events collected by Paranoid Agent are analyzed using a unique Behavior Patterns Map (BPM), developed by Nyotron’s research team, and then tagged with the appropriate rating. We determine what that tag should be by examining how the system usually works, what users do on their computers and on the network, etc. The strategy is to interdict suspicious activity before it can do any damage, and we’ve had a great deal of success with this methodology.

“By definition, other programs are always behind the 8-ball,”said Gaist. “They are only reacting to viruses that have already been released into the wild. The anti-virus program makers are constantly on the lookout for viruses and are constantly updating and patching their products. But they can only react – unlike Paranoid, which can prevent viruses from even hatching.”

Nir Gaist (Photo credit: Courtesy)

The great advantage of Paranoid, he said, is that the system doesn’t need to consult a database or whitelist to figure out what’s allowed and what isn’t, giving it the ability to halt “zero-day” attacks by a brand-new virus that hasn’t shown up on the radar of the makers of “traditional” anti-malware systems. “I know a lot of security companies claim to detect zero-day malware, but we are the only ones that can catch such malware before it actually does anything.”

Gaist founded Nyotron in 2004 – when he was just 15. At 26, he is considered a world-class computer security expert – a confidant of Bill Gates and Steve Ballmer of Microsoft fame, for whom he did “deep hacking” work (to help fortify Windows) when he was just a kid, at 13.

“Paranoid is clearly a paradigm shift,” says Gaist. “Anti-virus programs are now outmoded. These require creating signatures and updating them in a database , but Paranoid is the first technology in the world developed to actively protect from most types of computer threats, particularly those which cannot be detected today.”

“As security people,” Gaist said, “we are not used to grand exposure and involving external groups in our internal procedures, but this unique development compelled us to have ourselves inspected by the leaders of the security industry worldwide, in order to guarantee that we are indeed on the verge of a major technological breakthrough. So far, we have held dozens of meetings and demonstrations to senior security experts and the responses, as well as the partnership offers, amaze us every time. We sincerely believe and hope that through the software we developed, we will succeed in allowing a new PC user experience – one that will be quicker, efficient, effective and much more protected than the one possible today.”