CYFIRMA

CYFIRMA is a threat discovery and cyber intelligence analytics platform company with products and services built on artificial intelligence and machine learning technologies. It is headquartered in Singapore and Tokyo. Kumar Ritesh is the Founder, Chairman, and CEO of the company. ^[1]

The company was set up in 2017 with the mission to help government and businesses find new ways of managing cybersecurity. The company’s threat visibility and predictive analytics helps businesses connect the dots between threat actors, motives, methods, and campaigns (attacks).

To discover unknown threats and risks, and convert that to actionable insights, CYFIRMA’s AI engines collect data from many sources such as dark web, deep web, hackers’ forums, and closed communities, and analyse that using proprietary algorithms and mathematical models. ^[2]

CYFIRMA’s insights into the cyber threat landscape are tailored to each enterprise's specific industry, geography, and technology. The cyber intelligence provided predicts impending cyberattacks and intrusion as well as recommended remedial actions. Organizations can identify potential threats at the planning stage of a cyberattack.^[3]

CYFIRMA provides its services in a subscription model where clients can assess its platform for a real-time view of their threat intelligence posture. ^[4]

Products and Services

CYFIRMA’s flagship product is called DeCYFIR. DeCYFIR is conceptualized to help cybersecurity leaders adopt an intelligence-driven approach as opposed to an events-driven approach when managing cyber threats and risks. ^[5]

DeCYFIR consists of several modules.

Threat Visibility and Intelligence (TVI)

TVI provides a comprehensive multi-dimensional strategic, management, and tactical intelligence and cyber insights. This module answers WHO, WHY, WHAT, WHEN, and HOW of looming cyber threats, and provides recommendations for remedial actions.

Cyber Situational Awareness (CSA)

Real-time cyber insights, trends, cyber news, technology, regulatory & law, policy changes, emerging cyber-attacks, vulnerabilities, and exploits.

Cyber Incident Analytics (CIA)

Enable organizations to comprehensively respond to security incidents with not only tactical information but also strategic-level insights by mapping associated campaigns, hacker's affiliation, motive, and mechanism.

Cyber Education (CE)

A cyber-intelligence driven, industry-specific, customized cybersecurity awareness training program to identify phishing attacks and other social engineering tactics.

DecYFIR features and functions include the following:^[6]

• Client-tailored Outside-in/Hacker’s view of cyber threat landscape
• Multi-dimensional strategic, management and tactical cyber threat visibility and intelligence, that can be applied and integrated into organization’s security strategies, policies, processes, procedures, security controls and people
• View of risks and threat indicators at the planning stage, versus the execution and exploitation phase of a cyber-attack
• Indicator-centred threat hunting such as hackers’ conversation or geo-political issue driving the cyber threats and risks
• Integrate intelligence and insights into risk management, cyber posture management, regulatory, compliance, governance, investment and resource management
• Deeper analytical insights into situational awareness, cyber-attacks and events, incidents, vulnerabilities, technology or regulatory shift
• Proactive, predictive, real-time and multi-layered intelligence including - Strategic (WHO and WHY), Management (WHAT and WHEN) and Operational (HOW) intelligence
• Early indicators about potential threats
• Threat hunting and correlation
• Insights into new emerging threats and digital risks
• Situational awareness of global and local cyber events

History

CYFIRMA Chairman & CEO, Kumar Ritesh is a cybersecurity veteran. In his former role, he headed the cyber intelligence practice at Britain’s ‘secret intelligence service’ MI6 before joining the private sector as the head of cybersecurity for one of the largest mining and resourcing companies in the world, BHP Billiton.^[7]

Ritesh had identified important gaps in the global cyber threat intelligence market and wanted to bring his know-how into commercial organizations. He identified the following challenges faced by companies all over the world:^[8]

• Cyber intelligence companies were operational intelligence focused. Strategic and management intelligence were being overlooked, which are equally important for managing the evolving cyber threats and risks.
• Most organizations were still caught in an event-driven vs intelligence-driven approach when tackling cyber events, reactive to cybersecurity events occurring in and around their surroundings. Prudent cyber threat intelligence and insights should have provided proactive cyber posture management by identifying threats at the planning stage of cyberattacks.
• Unavailability of a single solution which combined intelligence into all elements of cyber posture management. Organisations needed to understand a correlated view of the current threat landscape.

To bring in the outside-in view and address the industry challenges of making cyber posture management intelligence-driven, Kumar Ritesh founded CYFIRMA on December 12, 2017, as the AI threat intelligence division of Antuit.^[5][6]

In 2018, Goldman Sachs added $15 Million to CYFIRMA.^[9][10] Later in July 2018, CYFIRMA launched cybersecurity solutions for cryptocurrency exchanges.^[11][12] and also opened a media briefing session on "360-degree cybersecurity service" in the same month. ^[13]

In September 2018, CYFIRMA announced additional information on a phishing/smishing campaign related to the theme of the Tokyo Olympic Games.^[14][15]

In November 2018, CYFIRMA issued warning reports on the vulnerability of Nginx.^[16]

Early in 2019, CYFIRMA published 15 cyber threat predictions for 2019. ^[17]

In July 2019, the company launched its cloud-based Cyber Intelligence Analytics Platform (CAP) v2.0, with released modules including Cyber Threat Visibility and Intelligence, Cyber Situational Awareness, and Cyber Incident Analytics.^[18][19][20]

Towards the end of 2019, CYFIRMA published its threat predictions for 2020.^[21]

On Jun 30, 2020, the company announced the launch of DeCYFIR and introduced the new features of Threat View, Risk View, Risk Score, Hackability Score, Risk Dossier.^[22]

Dark Web Research

CYFIRMA released its research and advisory related to COVID-19 in Jan 2020 on business continuity and resiliency. ^[23]

CYFIRMA released research findings on COVID-19 related vaccine hoaxes and scams where cyber criminals were capitalizing on the COVID-19 pandemic to achieve financial, geopolitical supremacy, and reputational objectives. The research revealed dark web marketplaces where illicit sale of coronavirus-related apparatus and medicine were rife.^{[24][25][26][27]}

The research also stated observations that cyberthreats related to coronavirus shot up 600% from February to March. ^[28]

CYFIRMA research uncovered a state-sponsored group from Pakistan launching cyberattacks to exfiltrate financial and other sensitive data from India’s PM CARES fund (a government initiative to collect donations in the fight against the COVID-19 pandemic). CYFIRMA research revealed that the hacker group was targeting the India Ministry of Health and large India-based conglomerates. ^[29][30]

CYFRIMA released further advisory on cyberthreats related to telecommuting where company data is accessed from unprotected home networks when millions of employees moved to working from home. Amidst the coronavirus pandemic, cyber criminals have created many fictitious Virtual Private Network (VPN) clients such as PandaVPN, RemoteArCon, and FreeRemoteConnect_CN to trick employees into disclosing their credentials to gain access to corporate networks. YourStory, an online business publication cited the research in its feature article on how the new post-pandemic normal leaves businesses vulnerable to attacks.^[31]

CYFIRMA research indicated the pandemic has proven to be very lucrative for cybercriminals such that they were observed to be joining forces.^[32]

Other Research

In Mar 2020, CYFIRMA uncovered changes in state-sponsored hacker groups attack mechanism where commodity malware was rapidly adopted by developing nations. The research showed newbie cyber-criminal gangs and threat groups using common malwares available on the black market. CYFIRMA research pointed to hacking groups from China and Russia using common malware to hide their crime and create confusion in the market so that they can launch their attack under noise and assign the blame to the creator of the old malware.^[33][34]

In Apr 2020, CYFIRMA shared its findings related to botnet attacks where cyberattack campaigns were designed to target internet-facing systems using customised Mirai bots. CYFIRMA research identified evidence suggesting MISSION2025 (Chinese threat group) was using customised Mirai bot to target Linux systems including network devices and IoT devices. The attack included brute-force against telnet and SSH as well as vulnerabilities exploits against DSL modems and GPON routers, D-Link and Netgear, Huawei routers, and Realtek SDK.^[35]

In Jun 2020, CYFIRMA uncovered a massive data breach at ST Engineering, a Singapore government-linked corporation providing defence and military engineering services globally. ^[36]

In the same month, its research arm also uncovered a massive exploit by Maze hackers where sensitive data from over ten companies were divulged within a day. ^[37]

CYFIRMA released a research on 29 May related to building systems that are capable of self-defence. The research discussed four key elements that are fundamental components of self-defence systems – monitoring behaviour, fault diagnosis, revitalization, and acclimatization. These capabilities can be achieved by introducing AI, machine learning, and predictive analytics technologies in cybersecurity and cyber-intelligence.^[38][39]

Recognition

Forbes

CYFIRMA’s Founder and CEO, Kumar Ritesh, was inducted into the Forbes Technology Council in Jun 2019.^[40]

Gartner

CYFIRMA was featured in the Gartner Market Guide 2020 for Threat Intelligence.^[41]

Frost and Sullivan

CYFIRMA was featured in the TechVision Opportunity Engines 2019.^[42]

CISOMAG

CYFIRMA featured as innovative Cybersecurity Startup Kickstarter in Feb 2020.^[43]

Cyber Startup Observatory

CYFIRMA was recognized by the group across US, UK, Europe and AsiaPac ^[44]

ICE71 Scale Program

CYFIRMA was inducted into the ICE71 (set up by Singapore Telecommunications and National University of Singapore) as a member under the Scale program. ^[45]

IndustryWired Award

CYFIRMA was awarded the Most Valuable Brand by IndustryWired in Dec 2019.^[46]

Contact details

Website: http://cyfirma.com/

LinkedIn: https://www.linkedin.com/company/cyfirma/

Facebook: https://www.facebook.com/Cyfirma/

Twitter: https://twitter.com/cyfirma

Contact Email: [email protected]

References

This article "CYFIRMA" is from Wikipedia. The list of its authors can be seen in its historical and/or the page Edithistory:CYFIRMA. Articles copied from Draft Namespace on Wikipedia could be seen on the Draft Namespace of Wikipedia and not main one.