Scanning the Dark Web for CyberthreatsBy Jan Hogewoning | Fri, 07/31/2020 - 13:20
Q: Why did you decide to launch KIPPEO Technologies in Mexico?
A: The EU is a very regulated market. Mexico offers many opportunities to grow and innovate and there is a great deal to do in the area of cybersecurity. In France, there is a state agency called Agence Nationale de la Sécurité des Systèmes d'Information (ANSSI) that was created in 2009 with responsibility for proposing rules in order to protect critical information systems for the French economy and verify the implementation of adopted measures. In the field of cyber defense, it provides monitoring, detecting, alerting and reaction capabilities against computer attacks, especially for the networks of the French State. We want to help bring our experience of working in the French ecosystem to companies in Mexico so they can protect their information systems.
Q: How is KIPPEO Technologies different from other consultancies?
A: We want to introduce new innovative solutions to the Mexican market, especially those that can identify cyberthreats in the deep and dark web. For us, prevention is a key word. This means finding whether an individual or group of cybercriminals is thinking about you or preparing something against you. These attacks are not decided from one day to another. They require a strategy and funding. We go into the Dark Web, for example, to find credentials that might have been stolen from the company. We are looking for all the stolen keys used to enter your company. We could see when the attack will happen and we do see whether it is being planned. When you have signs, you can direct resources to fight the threat before the attack actually happens.
We offer not only innovative solutions, but also solutions that are from the EU market. In Mexico, there are many security solutions from the US and Israel. We want to offer French companies a chance to address the international market. French technology is very good at detecting threats early. Apart from providing the tools to fight threats, we also believe strongly in training people. Every person in a company should be transformed into a cyber soldier, capable of detecting suspicious activities.
Q: What is the most common form of cyberattack?
A: Phishing is one of the most used attacks. One phishing method criminals use is to register a domain name very similar to that of the target company or organization. The name can be changed by a single symbol. We can detect these domains by going through DNS registers. We see whether an MX record has been activated, which specifies whether the mail server is capable of sending emails on behalf of the domain. These are all signs of preparation for a phishing campaign. When we detect the issue, we talk to host providers and ask them to take down those domains. Within two hours after the start of a phishing campaign, millions of emails have already been sent. By this time, it is often too late. Cyber criminals will gain access to your system and try to stay inside, finding their way to your crown jewels. They have many tricks to do this almost undetected.
We love to provide clients with proof-of-concept, to demonstrate that what we have in our portfolio provides value. Basically, we offer our software and consultation for one month and during that time we demonstrate in real time the kinds of threats their system is exposed to. We let them know if there is sensitive company information already out there. For many companies, this serves as a wake-up call.
Q: What are your cybersecurity solutions for industrial operations?
A: I am a Certified Security SCADA Architect. This means I am trained to evaluate operational systems for flaws that expose them to cyberthreats. The problem, globally, is that critical systems in industries are not well-protected. They have obsolete operating systems. A cyberattack on transport systems, power plants, electricity infrastructure or water infrastructure can have a far-reaching impact on a country’s security. We know cyber terrorists are trying to target these kinds of infrastructure. In Mexico, we would like to address cybersecurity of critical infrastructure. Given that we are relatively new in the market, we do not have contracts with the government, yet. Government decisions are often long term. Apart from critical government sector infrastructure, the private sector faces serious threats against its operational infrastructure. At KIPPEO Technology, we can bring together the information technology system with the operation technology system and provide a security solution.
Cybercrime is out to sabotage operations or steal intellectual property. This can be both foreign government-sponsored, as well as private sector-sponsored. Most attacks are directed by parties outside of Mexico but often with the help of criminal groups inside of Mexico. They are also seeking to plant people within companies to gain access or to determine the best strategy to attack the system. There are so many examples of companies losing their reputation because of cyberattacks. This is why I cannot understand why people do not take measures before an attack happens and usually wait to respond after the damage has been done.
We always say there are two types of companies: those that have already been attacked, and those that are going to be attacked. It is not a question of if, but rather when. Your webpage or webservices will be scanned and monitored by criminal parties. Your applications can be cloned into rogue apps and used to gain sensitive information. In most cases in Mexico, a company does not have a Chief Information Security Officer (CISO) who reports directly to the CEO. Instead, cybersecurity is dependent on the IT department. This limits the ability to have a holistic cybersecurity strategy.
Q: In which sector are most of your clients and where do you see the greatest opportunity?
A: We have big clients in HR and the manufacturing industry, particularly the food and automotive industry. Everything related to critical infrastructure, transportation, oil and gas, energy, pharmaceutical and food presents a significant opportunity for us.
Q: What are your main objectives for 2020?
A: Our main objective is to build a cyber academy. We have a strong partnership here in Mexico with Thales, another French company and a giant in cybersecurity. Together, we are building one of the first cyber training centers of excellence in the country.
Apart from being a consultant and value-added reseller, we also want to offer our own software. We are seeking investors to raise funds to develop security solutions here in Mexico. Our expectation is that within 18-24 months we will have our first in-house software solution, most probably related to IoT security. Apart from these goals, we also want to recruit more people. Mexico has very good engineers. In terms of growth, we expect to reach over 50 percent growth this year.
KIPPEO Technologies was founded in 2018 to introduce state-of-the-art cybersecurity technology to the Mexican market. The company offers a variety of services, including Governance design, constant monitoring and detection and resolution of threats