Following its acquisition of Braintree and Paydiant, PayPal has now announced that it is acquiring predictive cyber security company CyActive.
Israel-based start-up CyActive is just a year old and is already getting a lot of attention from investors such as SFS, VC and the venture capital unit at Siemens.
CyActive has developed the ability to automatically forecast the future of malware evolution, based on bio-inspired algorithms and a deep understanding of the black hats’ hacking process. CyActive is the first to offer proactive detection of future malware before it has ever seen the light of day. The resulting solution delivers unparalleled protection to IT and OT assets. CyActive is backed by JVP, Israel’s leading venture capital firm, and by the Venture Capital Unit of Siemens.
Danny Lev, CyActive’s chief marketing officer, explained the background at the Smart Energy UK and Europe Summit 2015: “When an organization experiences an attack, a security measure is placed in order to block it. However, the hacker can then simply make a slight modification to the original code to evade the security measures. These variants form a never-ending cat and mouse game between hackers and defenders. When you look at the APT (advanced persistent threat) level, you’ll find there has never been an attack chain to date that did not contain at least one reused component.”
“Of the new malwares, 98% are ‘direct descendants’ or variants of old versions, and of the remaining 2%, 1.99% are ‘cousins’ that share modules and methods.”
Given this information, CyActive’s approach, using biomimicry, is to take a malware sample and permute it to predict the thousands of variants that hackers would likely retool over the next three to five years.
“We are effectively fast forwarding the future of malware evolution,” says Lev, noting that cost and time make it nearly impossible to write a complete new attack chain from scratch.
She adds that the company addresses the “investment asymmetry between hackers and defenders – for every dollar invested by hackers on little variations, thousands are lost by the defenders dealing with them.” Citing examples from the financial sector, for which figures are available, she says that Zeus variants cost $100 but caused damage of over $100 million, while Black POS, the reused malware behind the attack on Target and Home Depot, cost $1,800 per variant but inflicted damage of over $250 million. “In each of these attacks, our solution could have stopped the whole attack chain, based on the reused component.”
CyActive’s detectors are created in CyActive’s cloud, where they are trained on future attacks forecasted by CyActive’s predictive engine. The detectors are then deployed on the client network (classic enterprise networks as well as SCADA equipment and embedded devices).
Reports suggest that the deal is worth at least $60m. PayPal has ventured into the Israeli startup market before: it acquired Israeli risk tools and analytics firm Fraud Sciences. eBay (soon to be split from PayPal), meanwhile, has a Tel Aviv-based research and development center, built on the buyouts of two Israeli startups – Magento, an open source online retail platform, acquired in 2011, and The Gifts Project, a social commerce company that lets friends buy gifts together online, also acquired in 2011.