In 2019 it was announced that US Federal Agency facility had been hacked. The hackers went unnoticed for almost a year before eventually being discovered, but the damage was done. 500 megabytes of data from 23 different files from one of its major assets were stolen. Following the major Federal Agency security breach, several external entities chose to disconnect from the agency’s network. Following a tedious audit investigation that underwent months, it was found that a Raspberry Pi device was linked to the agency’s network without authorization.
An account belonging to an external user had been compromised. As such, hackers we able to gain access and steal 500 megabytes of data from 23 different files. Furthermore, the network was shared, not a segmented environment, which allowed the attackers to move freely between the various systems within the network causing further damage.
The Federal Agency security audit
The audit discovered that the agency had reduced visibility into devices connected to its network, thereby hindering the ability to comprehensively secure those networks. The considerable depth in which the attackers went provided them with access to several sensitive operations. When news broke, several connected agencies disengaged from the network to prevent further damage.
Sepio Systems is the leader in the Rogue Device Mitigation (RDM) market and is disrupting the cybersecurity industry by uncovering hidden hardware attacks operating over network and USB interfaces. SepioPrime, which orchestrates Sepio’s solution, identifies, detects and handles all peripherals; no device goes unmanaged.
The only company in the world to undertake Physical Layer fingerprinting, Sepio Systems calculates a digital fingerprint using the device descriptors of all connected peripherals and compares them against a known set of malicious devices, automatically blocking any attacks. With Machine Learning, the software analyses device behavior to identify abnormalities, such as a mouse acting as a keyboard.