Votiro keeps Gaza porn-video hackers, and other baddies, at bay

It might be too much to expect employees to bypass intriguing e-mails that could be dangerous to open, says Itay Glick. Why tempt them?

Illustrative: a computer (Pexels)

In a recent mass hack attack, Gaza Arab hackers were able to target hundreds of Israeli government and business sites, stealing data, and releasing malware that, the hackers hoped, would compromise operations — via a porn video sent out to unwitting victims.

While recipients of such messages should be immediately suspicious, according to Itay Glick, CEO of Israeli cybersecurity start-up Votiro, it might be too much to expect some people not to open messages promising titillating images — a development the hackers were clearly hoping for.

Glick says: “The only real solution is to keep such messages out of the in-box of employees, and Votiro is the only filter system that can do this.”

Despite the constant exhortations by security personnel, workers at businesses large and small continue to click on infected attachments and links, exposing their organization’s data to the lowest of lowlife data swipers. In other words, current deterrence practices just aren’t cutting the mustard for many organizations’ security needs.

For some staff, the “thrill of the unknown” is just too great — they absolutely must know what lies behind that bombastic Subject line promising juicy information; for others, it’s a matter of being “too busy” (or too lazy) to exercise caution.

Hackers are banking on that curiosity, and they use those messages to send out malware attachments — files that, when opened or clicked on, release viruses and Trojan horses that allow hackers to remotely control a computer, or an entire network. Phishing e-mails, as the scam is called, have time and again proven to be one of the most effective ways for hackers to spread their poison.

In a recent exercise, an American cybersecurity company spent weeks running educational programs for employees of a large corporation, basically trying to get across one message: Don’t open suspicious messages, and especially messages with attachments. Before the seminars, the “click rate” of employees was around 80%, meaning that four out of five suspicious links and files were opened.

To test their approach, the cybersecurity staff sent out a fake suspicious message, and — to their chagrin — discovered that one-third of the workers clicked on the attachment, despite the intensive anti-attachment campaign.

Actually, explained Glick, it doesn’t matter if 80% or 30% of employees open a suspicious message — all it takes is one person to unleash a virus that could bring a company to its knees.

Which is why Votiro takes a totally different approach to cybersecurity, said Glick. Instead of relying on the security-consciousness of workers, Votiro “sanitizes” links, attachments, e-mail messages, downloads, and any other form of data that enters an organization’s servers via the Internet. “Our technology detects anomalies in messages, files, and downloads. And if anything is suspect, our system prevents it from getting onto a live server,” explained the CEO.

Suspicious e-mail messages aren’t always suspicious at first glance; many infected documents look like real documents that someone in an organization would probably get as a matter of course during the workday; in fact, many of them may be actual organizational reports or documents, which a hacker has loaded with malware.

To prevent this, companies can use Votiro’s Secure Data Sanitization (SDS) system: It evaluates incoming traffic, thoroughly examining anything that comes into an organization’s network for anomalies — bits and bytes that are not consistent with the file type a file claims to be (extra bytes in a Word file, for example, could mean that a Word macro virus is present). Votiro’s sanitization service is meant to sit on a device, such as a PC that is dedicated to run the Votiro system, with all data evaluated as it passes through.
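The kind of format-consistency check described above can be sketched as follows. This is an added example, not Votiro's code and not a description of how SDS works internally; the function names and the in-memory sample file are constructed for illustration. It tests whether bytes claimed to be a .docx really are one: correct container, no extra bytes after the end of the archive, and no VBA macro project.

```python
import io
import struct
import zipfile

EOCD_SIG = b"PK\x05\x06"  # ZIP end-of-central-directory signature
OLE2_MAGIC = bytes.fromhex("D0CF11E0A1B11AE1")  # legacy .doc container


def inspect_claimed_docx(data: bytes) -> list[str]:
    """Return findings where the bytes disagree with a claimed .docx."""
    findings = []
    if data.startswith(OLE2_MAGIC):
        return ["content is OLE2 (legacy .doc), not the claimed .docx"]
    if not data.startswith(b"PK\x03\x04"):
        return ["missing ZIP local-file header; not an OOXML container"]
    eocd = data.rfind(EOCD_SIG)
    if eocd < 0 or len(data) < eocd + 22:
        return ["no ZIP end-of-central-directory record"]
    # The record is 22 fixed bytes plus a comment whose length is its last field.
    (comment_len,) = struct.unpack_from("<H", data, eocd + 20)
    trailing = len(data) - (eocd + 22 + comment_len)
    if trailing > 0:
        findings.append(f"{trailing} extra bytes after end of archive")
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            names = zf.namelist()
    except zipfile.BadZipFile:
        return findings + ["archive structure is corrupt"]
    if "[Content_Types].xml" not in names or "word/document.xml" not in names:
        findings.append("required Word parts are missing")
    if any(n.lower().endswith("vbaproject.bin") for n in names):
        findings.append("contains a VBA macro project in a .docx")
    return findings


def build_sample(with_macro: bool = False, trailer: bytes = b"") -> bytes:
    """Constructed sample input: a minimal .docx-shaped ZIP built in memory."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("[Content_Types].xml", "<Types/>")
        zf.writestr("word/document.xml", "<w:document/>")
        if with_macro:
            zf.writestr("word/vbaProject.bin", b"\x00" * 16)
    return buf.getvalue() + trailer


if __name__ == "__main__":
    for label, blob in [("clean", build_sample()),
                        ("padded", build_sample(trailer=b"X" * 10)),
                        ("macro", build_sample(with_macro=True))]:
        print(label, inspect_claimed_docx(blob))
```

An empty list means the structure matches the claimed type; it says nothing about whether the document's content is benign.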

More than just a sandbox or a DMZ server running an anti-virus program, Votiro’s system is in constant communication with the company’s servers, recording attempted attacks and checking on new exploits as they come in, explained Glick. “So far, we have been able to mitigate almost all the new, zero-day exploits that have appeared on the web and that have tried to attack our clients’ servers,” he claimed.

While there are other Security-as-a-Service (SECaaS) solutions on the market similar to Votiro, not all of them are as popular; according to Glick, the company counts among its dozens of customers many of the largest companies in Israel, including “most government agencies, pharmaceutical and aerospace companies, and a national energy company,” which he would not name — as well as large companies in the US, many with 10,000 employees and more.

According to Glick, at least one Israeli bank reported that it was being attacked by the Gaza porn-video phishing scam. “Fortunately, the employees did not have to pass the ‘test’ of whether or not to open that e-mail, which — I admit — is a very difficult test for anyone,” he said.

“We saved them from that test, and probably saved the bank from a major hack attack. And, thanks to Votiro, the employees didn’t even know what they were missing.”
