A Herndon, Va., company, which has an impressive array of support from the military sector, believes it has the answer to protecting confidential information, trade secrets and intellectual property from hackers.
Indeed, since InZero Systems challenged hackers to find a way to break into its computer security device and published the system's IP address, IP numbers of its servers and local area network, and flag file name a month ago, it has been the target of close to 9 million unsuccessful attacks.
Of those attacks, 74 percent came from Eastern Europe and China, and another 25 percent from the United States.
We believe we have a very likely solution to the problem of Internet security, said Gen. Wesley Clark, retired Supreme Alliance Commander of NATO forces in Europe and chairman of the advisory board at InZero. It works as a disruptive technology and should be considered at all levels commercial, industrial, federal and state. We have created a hardware solution for the problem of software attacks, Clark said at a late-June news conference in Washington.
The palm-sized hardware gateway device developed by InZero acts as a second computer (a sandbox in computer talk), and any Internet attacks assault the device and can't get through to the computer containing the information, the company said. Also, both the operating system and the memory of the sandbox are read-only which means a hacker can't induce a virus or take over control of the device.
With the hacker's challenge, we have bet every cent we put into the company, said CEO Louis Hughes, a former president of Lockheed Martin Corp. and former executive vice president of General Motors Co. He and two other investors have invested more than $10 million to develop the PC gateway security device, which currently has 65 million lines of software code.
Our gateway device stands between the PC and everything else, Hughes said. No applications can exist in it except what we put on it because it is read-only. Its suite of applications treat everything else as malicious code. No one has penetrated it despite a whole array of different types of attacks.
In addition to the hackers, computer security company Telos Corp., cybersecurity firm Escrypt Inc. and noted cryptologist Philip Zimmerman all have tried unsuccessfully to break into the system.
This architecture is like nothing else I've ever seen, said Zimmerman, who developed the most widely used e-mail encryption software. All the attacks are outside and at a safe distance from your PC. It doesn't matter how someone attacks because it will all take place within the sandbox. No one else is taking this approach and it is incredibly effective.
The InZero approach to computer data protection is the opposite of the traditional approach of using software to look for viruses, and firewalls to prevent intruders from getting into a computer system. The technology was developed by a Ukrainian engineer with support from InZero and GBS Laboratories LLC, a company that Hughes co-founded in 2004 the same year he formed InZero.
The InZero system will prevent the theft of proprietary information and strengthen our competitiveness throughout the world, said Hughes. It is not only vital for our national security, but is a very important development for the American economy and our major corporations. No nation is more dependent on the Internet than the U.S. We use it to order, manufacture, sell and pay for goods. If computers stop working, the economy stops working.
In addition, Hughes said the InZero system will permit companies to exchange confidential information with customers and make completely secure payments.
It also enables companies to control how employees can access confidential information and share it, he said. This should be a major boom for security in the 21st century, for the safety and security of networks, for a robust and resilient infrastructure, and for protection of confidential information.
InZero plans to sell the security boxes for roughly $400, with a $40 monthly fee for updates and to be linked to InZero's servers. A management console for managing computers on a network costs around $500.
Longer term, InZero plans to develop security devices for servers and networks, and to imbed its security device into laptops.
Electronics contract manufacturer EIT Inc. in Sterling, Va., is making and assembling the security boxes, Hughes said. InZero also has had discussions with large Asian manufacturers about possible mass production of the device in the future, he said.
Solutions to cyber threats have to be affordable, scalable, acceptable to the public and adopted widely, said Jay Cohen, a former cyber security official in the Department of Homeland Security and a member InZero's advisory board. This InZero system is years ahead of anything the government or private sector currently possesses to protect our computers from cyber attacks. It is where we need to be.
We know this hardware works and is relatively economical, added Gen. Clark. This is what we need for both our government and commercial systems.
Copyright 2010 Crain Communications Inc. All Rights Reserved.