Mimicking a biological mechanism and implementing it in the software world: this might sound somewhat futuristic, but it is exactly what the Israeli cyber company Intezer is doing through the “genetic mapping” of viruses. Simulating the modus operandi of the biological immune system, Intezer traces the genetic relationships between ransomware and a variety of other harmful malware, helping companies accelerate and improve their response to cyber events. The technology Intezer has developed is called “Genetic Software Mapping”, and it is revolutionizing the cyber threat detection and response field by detecting the genetic sources of all software code. The company’s solutions are diverse in that they are applied to cloud security, malware analysis, incident response, threat intelligence and research, and more.
Intezer was founded in 2016 by three Mamram veterans: Itai Tevet, the former Head of the IDF’s Computer Emergency Response Team; Roy Halevi, a former Architect of cyber defense solutions in the IDF; and Alon Cohen, CyberArk’s Founder, CEO and Chairman. The trio conducted an in-depth review of the cyber landscape and realized that all of the existing solutions were based on the detection of signatures and anomalies, which leads to numerous false alarms and makes it difficult to detect silent attacks and attacks that evolve into new variants. They came up with the idea of imitating the modus operandi of the biological system, a system that has continued to evolve over the course of billions of years, in order to map the genetic connections between computer viruses. The idea rests on the understanding that malware is evolutionary and is fundamentally based on code that was already written and used in previous versions. The innovative and unique approach of the company’s technology enables it to handle the fast pace and sophistication of internet threats. Intezer’s technology identifies the source of the attack itself and can even classify the developer behind an attack, in as much detail as the country, organization, hacker group, etc.
The company gained global recognition when it was the first to identify the source of the WannaCry ransomware, which was spread as part of a cyber-attack that started on May 12th, 2017 and infected thousands of computers. The software attacked 230,000 computers in more than 150 countries, encrypted important data and demanded, in 28 different languages, the payment of a $600 ransom in Bitcoin for decryption. Before the official announcement from the U.S. government, Intezer attributed WannaCry’s source to North Korea. The company did this through the identification of code pieces that were previously seen in attacks on Sony and a Bangladeshi bank. The company’s technology has also proved itself through the identification of other high-profile sophisticated cyber-attacks, including NotPetya and Turla. In 2020, the company exposed numerous cyber threats that were previously undetected and discovered an increase in the number of attacks on Linux servers and cloud environments. Some of the company’s discoveries include large cryptojacking campaigns, ransomware and nation-state sponsored threats, such as QNAPCrypt, HiddenWasp, Doki and PureLocker.
In Constant Growth
Currently, Intezer has about 50 employees. Its R&D center is located in Israel and it has sales branches in the U.S., the UK and the Netherlands. To date, the company has raised about $27 million and its investors include the VC funds Magma Ventures, Open View, Intel Capital and Samsung Next.
Main Customers and Products
Intezer’s clientele includes public and government agencies alongside Fortune-500 mega-corporations from the financial services, telecom and retail sectors. Intezer’s solutions include Intezer Analyze, a malware analysis platform, and Intezer Protect, which protects cloud servers at runtime against any malicious code.
Intezer has an ambitious vision: to change the distorted equation between cyber-attacker and cyber-victim that exists today, and to make cyber-attacks unprofitable for the attacker. The distortion stems from the fact that the attacker needs only minimal resources to attack, yet causes enormous damage to the victim. Intezer believes that its technology can change this equation dramatically, since developing malware from scratch, in contrast with relying on existing software (which the company can detect), would simply be impractical or infeasible for the attackers.