Sepio Systems Named Winner for Prestigious Red Herring Top 100 North America Award

 
 

NORTH BETHESDA, MARYLANDJune 15, 2017Sepio Systems, a pioneer in securing organizations against attacks via rogue hardware devices, has been chosen as a winner of Red Herring’s Top 100 North America award, one of the technology industry’s most prestigious recognitions.

The Top 100 awards were handed out at a special ceremony in Marina Del Rey, California, where executives presented their companies to a judging panel comprising industry insiders, analysts and journalists. The winning companies, selected from thousands of prospective startups and technology firms, represent the cutting edge of North America’s world-class tech industry – and demonstrate the region’s continued reputation for digital excellence.

“This is a great honor for Sepio Systems to be recognized as one of the elite companies leading the next wave of innovation in the technology industry,” said Yossi Appleboum, CEO of Sepio Systems. “Receiving this award is a tremendous validation and recognition of our mission protecting organizations as the only security solution on the market that identifies and blocks malicious hardware devices before they can cause harm.”

Red Herring selected Sepio Systems as a finalist for its rogue-hardware detection system that identifies and exposes nefarious hardware devices installed directly into data networks. These rogue devices reside on the first layer of security and have the ability to access and extract critical data while remaining completely undetected by existing cyber awareness infrastructures.

“This is one of the most innovative and exciting groups of companies we’ve ever hosted at a Top 100 awards show,” said Alex Vieux, chairman of Red Herring. “It’s always a pleasure to come to California and see the cream of North America’s tech crop. 2017 has proven to be another fine year for tech, which is now simply the economy rather than a small part of it.”

The Top 100 North America has become a springboard for some of tech’s biggest names, and a valued and trusted tool for venture capitalists, experts and analysts predicting trends at the industry’s cutting edge.

“Sepio Systems fully deserves its place among our finalists, and I have every confidence they will make a significant impact in the tech world,” added Vieux.


About Sepio Systems
Sepio Systems is a pioneer in securing organizations against attacks via rogue hardware devices. Strategic cyber weapon technology that has been leaked is currently in the hands of criminal organizations that are using it against civilian commercial targets with no defenses against it. These enterprises never suspect that the seemingly legitimate devices they are using have been compromised, allowing access to key assets—often over long periods of time. Sepio Systems is headquartered in Maryland, with offices in New York and South Carolina, and a Research and Development Center in Tel-Aviv


About Red Herring
Red Herring is a global media company which unites the world's best high technology innovators, venture investors and business decision makers in a variety of forums: a leading innovation magazine, an online daily technology news service, technology newsletters and major events for technology leaders around the globe. Red Herring provides an insider's access to the global innovation economy, featuring unparalleled insights on the emerging technologies driving the economy.


Media Contact
Brian Kelley
703-533-1618

BKelley@AboutSage.com (for Sepio Systems)

Sepio Systems Named Finalist for 2017 Red Herring Top 100 North America Award

FOR IMMEDIATE RELEASE

NORTH BETHESDA, MARYLAND – June 9, 2017 – Sepio Systems, a pioneer in securing organizations against attacks via rogue hardware devices, has been selected as a finalist for Red Herring’s Top 100 North America award; one of the technology industry’s most prestigious recognitions.

Finalists for the awards are among the continent’s brightest and most innovative private ventures. Their place among North America’s tech elite has been chosen by Red Herring’s editorial team, during a months-long process that takes into account criteria including disruptive impact, proof of concept, financial performance, market footprint and quality of management.

“Sepio is honored to be selected among this elite group of companies innovating in the technology industry,” said Yossi Appleboum, Co-CEO of Sepio Systems. “This nomination shows that our solutions are filling an identifiable void in the technology market.”

Red Herring selected Sepio as a finalist for its rogue-hardware detection system. This system identifies and exposes nefarious hardware devices installed directly into data networks that can access and extract critical data while remaining completely undetected by existing cyber awareness infrastructures.

Strategic cyber weapon technology that has been leaked is currently in the hands of criminal organizations that are using it against civilian commercial targets with no defenses against it. Sepio’s system aims to identify these criminal threats and improve data manager’s system awareness.

The Top 100 North America has become a springboard for some of tech’s biggest names, and a valued and trusted tool for venture capitalists, experts and analysts predicting trends at the industry’s cutting edge.

“Sepio Systems fully deserves its place among our finalists, and I have every confidence it will make a significant impact in the tech world,” added Vieux.

Finalists are invited to present their winning strategies at the Red Herring Top 100 North America conference in Los Angeles, June 12-14 2017. The Top 100 winners will be announced at a special awards ceremony on the evening of June 14 at the event.


About Sepio Systems

Sepio Systems is a pioneer in securing organizations against attacks via rogue hardware devices. Strategic cyber weapon technology that has been leaked is currently in the hands of criminal organizations that are using it against civilian commercial targets with no defenses against it. These enterprises never suspect that the seemingly legitimate devices they are using have been compromised, allowing access to key assets—often over long periods of time. Sepio Systems is headquartered in Maryland, with offices in New York and South Carolina, and a Research and Development Center in Tel-Aviv.

For more information about Sepio Systems solutions and supply chain attack risks, visit www.sepio.systems, call +1 (240) 660-8690 and follow us on LinkedIn .

Media Contact:
Brian Kelley

BKelley@AboutSage.com (for Sepio Systems)
703-533-1618

Former Israeli Mossad Director Tamir Pardo Named Sepio System’s Board Chairman

Sepio Systems to Introduce Supply Chain Security Suite on February 13 at San Francisco’s RSA Conference


FOR IMMEDIATE RELEASE

North Bethesda, MD, February 13, 2017—Tamir Pardo will join Sepio Systems to serve as chairman of the board as part of the company’s expansion.

“Cyber attacks on critical infrastructure and financial institutions are a major threat to the global economy,” notes Mr. Pardo. “Most cyber security products protect the internet, applications, and data—Sepio’s security suite addresses an attack vector underserved by current market solutions. I look forward to addressing these challenges as Sepio’s leader.”

Mr. Pardo began his military service at age 18 with the Israeli Special Forces where he served as an officer. He joined the Mossad in 1980, and served in field and technical positions until he rose to become Director of Operations and Technology. In January 2011, Mr. Pardo was appointed by the Israeli Prime Minister to lead the Mossad, serving as Director. He proudly served in this role until January 2016. Under Mr. Pardo’s command, the Mossad received numerous prestigious decorations for operations and technological innovations.

“We are proud to have Mr. Pardo on our team and confident that his experience, vision and leadership will impact results,” notes Yossi Appleboum, Co-CEO of Sepio Systems.

Sepio Systems, a cyber security company protecting organizations against device supply chain attacks, will introduce its Supply Chain Security Suite at San Francisco’s RSA Conference on February 13. The platform combines hardware and software to stop rogue hardware before it damages normal operations of an organization. It isolates and contains potential attacks without degrading system performance.

“Penetrating supply chains—once done only by governments—has become a common attack vector of criminal organizations,” notes Mr. Appleboum. “Sepio’s suite secures organizations against supply chain attacks. Our product closes the supply chain’s ‘open door’; voiding supply chain attacks.”

Several financial institutions and corporations are evaluating the suite. The company expects to begin fulfilling orders during the second quarter of 2017.


About Sepio Systems

Sepio Systems was founded by cyber security experts from private industry and government agencies, with global recognition and decoration in combating supply chain threats. Sepio Systems is headquartered in Maryland with offices in New York, South Carolina and the Research and Development Center in Tel-Aviv. The mission of Sepio Systems is to protect organizations from the existing threat of supply chain attacks.

For more information about Sepio Systems solutions and supply chain attack risks, visit www.sepio.systems, call +1 (240) 660-8690 and follow us on LinkedIn .

Media Contact:
Blue Studios, LLC
Allyson Ruscitella

media@sepio.systems
571.230.0157

Sepio Systems Named Finalist for Cybertech 2017 Startup Award

FOR IMMEDIATE RELEASE

TEL-AVIV, Israel, January 27, 2017—Sepio Systems, a cyber security company protecting organizations from device supply chain attacks, has been chosen as a finalist for the Cybertech 2017 Startup Award. This nomination recognizes exceptional cyber security startup companies that embody excellence, potential and innovation.

“Supply chain attacks are devastating to organizations,” said Bentsi Ben-Atar, CMO of Sepio Systems. “Our security suite offers an innovative solution to this rising problem, and we are honored to be recognized as pioneers in this field. In 2017, we expect to increase market penetration and emerge as the leader.”

Winners will be revealed at the Cybertech 2017 Startup Award Ceremony on February 1 in Tel-Aviv, at the Cybertech 2017 worldwide conference and exhibition. View the full list of finalists.


About Sepio Systems

Sepio Systems was founded by cyber security experts from private industry and government agencies, with global recognition and decoration in combating supply chain threats. Sepio Systems is headquartered in Maryland with offices in New York, South Carolina and the Research and Development Center in Tel-Aviv. The mission of Sepio Systems is to protect organizations from the existing threat of supply chain attacks.

For more information about Sepio Systems solutions and supply chain attack risks, visit www.sepio.systems, call +1 (240) 660-8690 and follow us on LinkedIn .

Media Contact:
Blue Studios, LLC
Allyson Ruscitella
571.230.0157

Sepio Systems to Present its Innovative Security Solution at the Annual Maryland/Israel Showcase on Dec. 1 in Silver Spring, MD

FOR IMMEDIATE RELEASE

BETHESDA, MD, Nov. 25, 2016—Sepio Systems will present its innovative security solution at the Maryland/Israel Showcase at the Silver Spring Convention Center, on Dec. 1, 2016. The Maryland/Israel annual event connects local Maryland businesses with companies co-located in Israel and Maryland.

Sepio System’s Co-Founder and Co-CEO, Yossi Appleboum, will introduce the solution for securing organizations against malicious hardware devices sent through their supply chains. At the event, Sepio will unveil a combined hardware and software solution for securing critical infrastructure against threats arriving from peripheral devices. Sepio’s security solution isolates the attack—and provides nearly 100 percent assurance that threats will not breach security if the supply chain is compromised.

Appleboum notes,

"Sepio’s solution is offering a new level of security to organizations against threats coming from their device supply chains. While organizations around the world secure themselves against many other cyber threats from inside and outside their networks and applications, the supply chain door remains wide open—providing attackers the opportunity to penetrate their infrastructure. Sepio’s solution secures our customers against supply chain threats and provides full threat level visibility ofreceived device shipments."

To learn more about Sepio’s security solution, come meet the team.


About Sepio Systems

Sepio Systems was founded by cyber security experts from private industry and government agencies, with global recognition and decoration in combating supply chain threats. Sepio Systems is headquartered in Maryland with offices in New York, South Carolina and the Research and Development Center in Tel-Aviv. The mission of Sepio Systems is to protect organizations from the existing threat of supply chain attacks.

For more information about Sepio Systems solutions and supply chain attack risks, visit www.sepio.systems, call +1 (240) 660-8690 and follow us on LinkedIn .

Media Contact:
Blue Studios, LLC
Allyson Ruscitella

media@sepio.systems
571.230.0157

Sepio Systems to Introduce Endpoint Protection Software Agents at Atlanta Data Connectors Conference

FOR IMMEDIATE RELEASE

 

BETHESDA, MD, Sept. 12, 2016—Sepio Systems will present during the Cyber Summit at the Hyatt Regency in Atlanta, GA on Sept. 15, 2016. The Data Connectors conference hosts cyber security experts responsible for protecting corporations and introduces new industry solutions to address emerging threats. Co-Founder and VP of Sales, Greg Poch, will introduce the company’s new software agents for protecting endpoints.

Mr. Poch notes,

"We are proud to add the new software agents to our product line. Our combined hardware and software solution serves a broader market. It is an extension to existing endpoint security platforms focused on securing hosts against USB storage devices.”

Sepio will introduce a combined hardware and software solution for securing critical infrastructure against attacks arriving from peripheral devices connected via USB ports. Sepio’s security solution isolates the infrastructure—and provides assurance of security if the supply chain is compromised.

Meet the Sepio System’s co-founders at The Data Connectors conference on September 15, 2016.


About Sepio Systems

Sepio Systems was founded by cyber security experts from private industry and government agencies, with global recognition and decoration in combating supply chain threats. Sepio Systems is headquartered in Maryland with offices in New York, South Carolina and the Research and Development Center in Tel-Aviv. The mission of Sepio Systems is to protect organizations from the existing threat of supply chain attacks.

For more information about Sepio Systems solutions and supply chain attack risks, visit www.sepio.systems, call +1 (240) 660-8690 and follow us on LinkedIn .

Media Contact:
Blue Studios, LLC
Allyson Ruscitella

media@sepio.systems
571.230.0157

USB Ports as Cyber Threats—More than just a Thumb Drive

As a young computer geek, I still remember the excitement when USB was introduced. One connector that offered so much—no more special cables per device type, the ability to “hub” multiple devices, the flexibility—and the new hardware devices in stores.

Years later, as an older computer geek ;), I remember the first time I was introduced to the potential of USB as a security threat. There is not one organization today that is immune to this threat. Many organizations—from financial institutions and critical infrastructure to governments—have been infected.

USB ports offer virtually unlimited functionality including Human Interface Devices (HIDs) such as keyboards, mice, barcode scanners and card readers; communication interfaces such as Ethernet, Wi-Fi, Bluetooth and Cellular; and multimedia devices such as microphones and speakers. This unlimited functionality comes with unlimited threats and potential attack vectors.

Many cyber security vendors have introduced—and continue to introduce—good solutions that are focused on protecting against malicious “detachable media” (such as thumb drives). Most of these solutions are offered as part of an endpoint security platform.

The problem with these solutions is they focus on a small part of the problem—but neglect to address the total threat. The “small” part is an important part—but absolutely not sufficient. Some of these solutions offer a way to control the USB functionality on a device type or on a device instance level. But upon device approval (“whitelisted”), they lack the ability to protect the port. Current USB threats are far more than that—attacks can start by connecting innocent looking barcode scanners or any other entry device (i.e. keyboard, mouse, magnetic card readers). Once connected, these devices turn out to be malicious and abuse these connections.

Malicious USB devices are delivered and installed in financial institutions, data centers and other critical infrastructure facilities. These devices are delivered as legitimate devices—by a breached supply chain—starting with vendors and subcontractors, through shipping and distribution channels, to the integrators that install them at target locations. They can, in many cases, be altered later by on-site, trusted visitors.

Sepio is focused on securing computer infrastructure against supply chain cyber threats. Our state of the art USB Cyber Security Solution secures the host’s USB ports and allows the safe connection of different entry devices without concern about infected malicious applications.

Securing endpoints is critical. Existing endpoint security platforms provide a good solution to dangerous threats, but are not sufficient. Other measures, such as the Sepio USB Security Solution, should be added for optimal security.

Please share our blogs and send comments, ideas and materials for future blogs. For more information, visit www.sepio.systems, and follow us on Twitter andLinkedIn.

The Safest Barcode Scanner in The World

A study on barcode scanners shows that a significant percentage of these devices— manufactured in China—were infected with the Zombie-Zero malware to send customer proprietary information to Chinese vendors.

When my daughter turned 2, she received a toy cash register with a barcode scanner. I am beginning to think it is the safest barcode scanner in the world.

 

Barcode scanners, magnetic card readers, RFID readers and similar entry devices used in Point Of Sale (POS), warehouses and other back-office applications are connected to computer endpoints via USB. Even if the connection is wireless, the receiver is eventually connected to a USB port.

When these entry devices are connected to the host computer, they appear as keyboards and the host cannot distinguish between them and “normal” keyboards. When a user scans a barcode, swipes a magnetic card or touches an RFID card, the programmed code is sent to the host PC as a series of keystrokes. Then, the host application (i.e. the POS software) reads these keystrokes.

When entry devices are integrous and do not abuse this connection, they work as expected and offer ease of installation, use and maintenance. But many of these devices are NOT TRUSTED and ARE MALICIOUS. They are used by criminals to attack the computing environment. Since the host computer has no way to distinguish between barcode scanners and “normal” keyboards, a malicious device might be used in order to run scripts that execute misconfiguration attacks, ransomware attacks and many other kinds of “goodies” without even being connected to the internet. It may also run a reverse-command-shell, allowing a remote command and control channel to the host computer and to the entire computing infrastructure.

The barcode scanner story is one example of a much broader security problem we face. Most connected peripherals are manufactured by vendors and delivered via unprotected and vulnerable supply chains. They have become a serious cyber threat to our computing infrastructure.

Sepio focuses on securing computer infrastructure against supply chain cyber threats. We deliver solutions to ensure real-world applications are as secure as my daughter’s toy.

Our state-of-the-art USB Cyber Security device secures the host’s USB ports. It ensures a safe connection for different entry devices, preventing network infection by malicious applications.

Please share our blogs and send comments, ideas and materials for future blogs. For more information, visit www.sepio.systems, and follow us on Twitter andLinkedIn.

Supply Chain Cyber Attacks—from Infected Software to Malicious Hardware

Cyber-attacks on supply chains have become a major threat to critical infrastructure. Compromising supply chain integrity by inserting malicious components has become a central discussion topic in black-hat-hacker forums. While most conversations are focused on insertion methods of infected software modules, there has been a recent swell in communications regarding penetration methods of malicious hardware components.

Software Infection vs. Malicious Hardware
Various methods can be used to insert infected software modules into an organization’s software supply chain including code-alteration of 3rd party software libraries and intentional exploitation of zero-day vulnerabilities through code-execution. Once attackers find a way in, the challenge becomes finding a way out. With modern multi-layer security platforms installed in most secured networks, the hacker’s challenge becomes ejecting the stolen data.

Since security solutions have focused on sealing the way out, criminals have sought an alternative–the insertion of malicious hardware.

The insertion of malicious hardware into a secured organization requires “on-the-ground” capabilities, including knowledge of supply chain management and logistics.

Malicious hardware attacks were first thought to be executed by governments. But terrorist and criminal organizations have gained supply chain management capabilities—and understand inserting malicious hardware into a top-secured supply chain is easier and more lucrative than maintaining a cache of illegal weapons and drugs. Inserting malicious hardware may still be considered more difficult than inserting infected software—but the data-way-out path is easier—offering unlimited out-of-band communication paths that avoid monitoring or security measures.

The “50 Keyboards” Question
During a recent meeting with a CISO of a large bank, I posed a theoretical question: “If I send 50 boxes containing keyboards with an authentic-looking bank label and a note that reads:

‘Your division has been selected by the bank IT department to test this new keyboard. We will contact you soon to get your feedback.’

How many keyboards would be installed the next morning?”

The answer was shocking, “More than 45”.

This attack would involve 50 keyboards at $13 each, plus shipping fees. Criminals would need only one to be installed to launch the attack and “kill the bank”.

Building a Malicious HID
Human Interface Devices (HIDs) including keyboards, mice, barcode scanners, andKVM switches can be easily altered to become malicious devices. By “hub-ing” the USB connection to the host and connecting rubber-ducky keyboard emulation devices and wireless communication devices (wifi/bluetooth/cellular) in a parallel , a multi-phased attack can be executed against the computer infrastructure. In less than one business day, a malicious device can be shipped to its destination and an attack is launched the next morning (thanks to overnight shipments). At a cost of less than $500, this malicious device can penetrate a secured facility. Once inside, it runs a script and via a hidden wireless connection (i.e. a cellular modem) sends proprietary data out, injects data and executes commands from a remote location.

Sepio Systems has introduced its USB Security Device that protects against such threats. In the next post we will describe the Sepio solution in greater detail.

Share our blogs and please send comments, ideas and materials for future blogs. For more information, visit www.sepio.systems, and follow us on Twitter andLinkedIn.

Sepio Systems to Unveil USB Security Device at DC Metro Cyber Security Summit

FOR IMMEDIATE RELEASE

BETHESDA, Md., June 30, 2016—Sepio Systems is presenting at the Cyber Summit at The Ritz Carlton Hotel in Tysons Corner, VA on June 30, 2016. The Cyber Security Summit connects C-level executives responsible for protecting critical infrastructure and introduces innovative industry solutions to address emerging threats.

Sepio System’s Co-Founder and Co-CEO, Mr. Yossi Appleboum, will serve on a panel of experts discussing emerging risks likely to become major threats in 2016. The panel will addresscounter measures and innovative solutions to defend against major cyber threats.

At the conference, Sepio is introducing a solution for securing critical infrastructure against threats arriving from peripheral devices connected via USB ports. Sepio’s device isolates the infrastructure—and provides nearly 100 percent assurance that threats will not breach security if the supply chain is compromised.

Iftah Bratspiess, Sepio’s Co-Founder and Co-CEO, commented on the introduction of Sepio’s new solution, "We are excited to introduce our patent-pending USB security solution that protects critical infrastructure against threats via the supply chain. Our security solution is an extension to the existing endpoint security platforms focused on securing hosts against USB storage devices but do not provide security against other USB peripherals—commonly used in end points, data centers, HVAC systems and more".

To learn more about the Sepio USB Security Device, visit their booth at The Cyber Security Summit and meet the team.


About Sepio Systems

Sepio Systems has developed a new approach to protect critical infrastructure supply chains. The Sepio USB Security solution is based on a uni-directional device that stops potential data leakage (DLP) and hardware misuse. Sepio’s solution is fully integrated with current endpoint security platforms and SIEM systems. Sepio Systems was co-founded in May 2016 by industry leading cyber security experts Yossi Appleboum, Iftah Bratspiess and Bentsi Ben-Atar. For more information, visit www.sepio.systems, and follow us on Twitter and LinkedIn.

Media Contact:
Blue Studios, LLC
Allyson Ruscitella
571.230.0157