These days, just about everything connects to the internet, from baby monitors to refrigerators. These objects that are connected to the enterprise network are the Internet of Things (or IoT), and cybersecurity firms have tried, and are still trying, to meet the major challenge of securing them.
Natali Tshuva explains that there are different kinds of devices we use: servers, including the cloud; edge devices like routers and network access devices; and all the rest, which is known as IoT. These can be “webcams, a printer, a pacemaker, insulin pump or a monitor in a nuclear reactor. These devices are spread throughout people’s homes, in critical infrastructure or in corporations.”
Tshuva is the co-founder and CEO of the IoT cybersecurity firm Sternum, which recently announced that it secured $27 million in Series B funding. She started the company alongside Arik Farber, Lian Granot and Boaz Shedletsky.
“All the ‘things’ have similar characteristics. They are determinist devices, which means they were programmed for a very specific purpose. Their computing resources are meager, and they don’t run a known operating system,” Tshuva explains.
The biggest problem, though, is that hackers take advantage of the unique characteristics of IoT devices to break into a network. Tshuva quotes recent research by Palo Alto Networks, which states that even though security cameras account for just 5 percent of all IoT devices, they are responsible for 33 percent of all security problems. This is because antivirus software cannot be installed on a network camera, and the organization cannot really see what is happening in that area.
Another issue with IoT devices is that they are relatively “stupid.” “This is a world of products that is not as data-rich as we would want. There’s equipment, even in the world’s biggest medical companies, that the companies know almost nothing about.” She gives the example of unknowns regarding insulin pumps for treating diabetes: “When the patient injects insulin, what is the extent of use, when the device breaks down and when it is resetting.”
Most companies that were founded to deal with the world of computing devices gave up on the devices themselves from the outset, due to how difficult it is to penetrate them. Instead, they offer a network solution, like a firewall, which analyzes the traffic of the devices on the network and tries to identify irregularities.
Sternum, which was established in 2018, chose to do it the hard way, by focusing on the devices themselves by making them more intelligent and secure. Its staff consists of veterans of the Israeli military’s 8200 signal intelligence unit, who gained experience with similar systems during their service. That includes Tshuva herself, who also worked for two controversial Israeli companies: the spyware firm NSO and phone-hacking tech company Cellebrite.
“We were looking for the lowest common denominator for all these devices, which differ from each other in their operating system – and that is the machine code. We developed an advanced system that knows how to analyze binary code, as well as to create a presence for our code.” Sternum’s solution is called Exploitation Fingerprint, and according to the company, it can “identify the fingerprint of an attack based on analysis of a binary code.” It is made to work with any device, from routers to medical equipment, smart toys to sensors.
According to Tshuva, the company’s technology can identify anomalies in the behavior of a device in real time, and even without an internet connection – for example, an attempt to rewrite the device’s memory, an attack called buffer overflow. Sternum’s solution acts as a kind of antivirus or security program, but more minimal and written in binary code, which is injected into the device.
Sternum works directly with the device manufacturers to implement the solution, either during development or after customers have already begun using the products. “We have a number of major customers, including Medtronic, Telit and customers in the railroad industry,” Tshuva says.
The $27 million in Series B funding brings the company’s total funds raised to about $37 million. The latest round was led by the international venture capital firm Spark Capital, with the participation of the international VC firm Square Peg, the European VC firm btov and additional investors. Sternum currently has 15 employees, and intends to hire more as a result of the funding.
In its press release announcing the funding, Sternum said: “The global IoT market is rapidly growing, and is expected to reach over $1,854.74 billion by 2028.” In addition to the existing challenges in protecting edge devices, “Companies find themselves constantly patching vulnerabilities and collecting logs from their devices – and where updating devices is expensive, complex, and takes a long time to propagate – through its advanced binary analysis and instrumentation.”
Sternum, the press release said, is the first platform to successfully perform on devices from 2013, which it protects by advanced means of data collection, as well as active cyber protection.