In the face of ever-growing threats from cyber-attacks, UDS is the single solution that addresses all aspects of protecting unstructured data to meet business needs and regulatory obligations while reducing legal liabilities and financial losses. UDS is the first ever data file protection solution that covers the entire environment and is designed to withstand the most sophisticated attacks like Solarwinds supply chain attack with the one of toughest encryption scheme engineered. Its protection stands even after the breach.
To better understand UDS, think of it as the opposite of the “ransomware”, when bad guys break through a business’s cybersecurity line and encrypt all their files so that the business cannot operate. Utilizing UDS, companies can beat hackers to the punch, encrypting either all or their most important files, so when bad guys break through the security and try to access the data will they find that those files are completely inaccessible to them.
UDS is a data-centric enterprise solution with a core principle: data belongs to the organization, and user’s access to the data is not a right but a privilege that can be removed at the discretion of the organization, e.g. after an employee leaves the organization. The UDS patented technology limits access of data to only those who have an absolute need to use those files, and the cloud design allows it to scale up to accommodate all businesses and their future growth.
In the case of a data protection, the sum of the parts does not make it whole – there are three unique features that make data files the perfect targets of cyber criminals:
Over time, many solutions and products have been created to deal with a small part of a larger problem:
Unfortunately, the sum of the parts does not equal the whole and the result is an ever-increasing number of data breaches; concurrently, organizational cyber security budgets increase every year. Files are stolen from the end devices, from the servers, from the cloud storage and from the email servers, simply because the files are not protected at rest on all devices and are not subject to a universal access management. UDS was created to solve this previously unsolvable problem. It ensures that files are always encrypted, at rest and in transit, and are subject to the same access management everywhere for everyone.
With UDS, businesses can consolidate all their data file protection within a single solution, no matter how many copies of the files exist and where they are. With UDS, privilege escalation no longer permits access to the files; impersonation can only attack a small number of files before being caught; and stealing files no longer means data access.
UDS provides excellent ROI:
Security for embedded systems has been lacking for many reasons. One obvious reason is that attacks on embedded systems are rare. Those systems are highly specialized, so normal cyber criminals do not have the knowledge, nor the economic interest, in developing viruses like “Stuxnet”. But it becomes a different story when considering a possible state sponsored attack. Attacks on embedded systems always come with the intent of strategic disruption and often lead to catastrophic consequences… virus that target embedded systems are categorized as “cyber warfare” for good reasons.
Called by some as “cyber-missile” a decade ago, the “Stuxnet” virus changed how the world views cyber security forever. By modifying the firmware of the system’s logic controller, the virus destroyed nearly a thousand of Iran’s otherwise impenetrable gas centrifuges used to make weapons-grade uranium, and put Iran’s nuclear ambitions at least temporarily on hold.
There are two known pathways to attack an embedded system:
A security system that guards the entrance to a government building could be compromised to let bad guys in and lock the good guys out; a hacked monitoring system could fail to alert of an active attack or even worse, sends the wrong signal; a breached surveillance system could be stopped during a crime or history files could be altered. Fearing possible attacks on the national or regional grids, some have even suggested bringing back analog controls like physical buttons and dials as a “failsafe”.
Currently, protecting embedded systems has relied solely on protecting the command and control units, which often run on well-known operating systems and have the same vulnerability to cyber-attacks, which potentially may open the exact route taken by “Stuxnet” and those follows.
The Embedded Shield takes a new approach, however, creating a completely independent protection for the firmware and other critical data files that will remain unbreakable even after virus has affected the control unit. This protection is designed to establish a two-layered defense system that is unique to the UDS embedded system.
First, the Embedded Shield encrypts firmware and configuration-related data files. This prevents the information from being stolen. Because each embedded system is different, having a thorough understanding of the firmware, configuration and schematics is often the first step to a cyber-attack. Without intimate knowledge of the schematics and the ability to create a mirrored system, it is nearly impossible to develop a virus to attack the system.
The second layer of protection plays a critical role after the command unit is infected by a virus. The UDS-protected firmware and configuration cannot be changed or modified by a virus, and that is usually the most effective pathway for a virus to launch an attack. “Stuxnet” initiated its attack by replacing one of the runtime library files to give itself the ability to monitor and modify the communication between the control unit and the embedded board so it could inject the false commands. The Embedded Shield blocks this sort of action and therefore stops an attack.
We should have no illusions that cyber-attacks on our critical infrastructure will stop and our current cyber defense is sufficient. The Embedded Shield is designed to prevent the attacks as the second line of defense and protect an embedded system after all other measures have failed so the critical infrastructures can continue function.
Contact us to see how you can protect the critical infrastructure with Embedded Shield