by Noam Taylor
I spoke recently with Oleg Vusiker, CEO and Co-Founder of Salvador Technologies, which specializes in OT (Operational Technology) cybersecurity solutions. He shared his company’s goals and innovations, opening a window into a new approach to cyber defense.
Before launching Salvador Technologies, Vusiker spent 10 years in the Israel Defense Force’s Unit 8200, its elite cybersecurity unit. This experience led Vusiker to the main insight that distinguishes Salvador Technologies from the old world of cyber security. He realized that the simple and terrifying reality of cyber security today is that the attackers always will get in. Once an attack is commenced it is no longer a matter of if, but rather when systems start malfunctioning as the malware takes them over.
What follows is that the cyber defense solution can’t focus on prevention, but rather must focus on support and backup in the aftermath of a breach. The objective is to regenerate a system and have it up and running moments after a hacker breaks through the defenses.
Salvador Technologies applies this principle to OT, which refers to systems that operate large scale manufacturing, , power systems, healthcare and other systems that cannot go offline for even a few minutes. The main factor that separates the field of OT from IT (Information Technology) is that OT systems are old and often manual. This creates a sort of ironic situation where a cyber attacker’s first path towards penetrating a computer system is actually the “back door,” the backup system.
“OT backups are commonly older and can even be operating on old versions of Windows,” explained Vusiker. “Besides that, these long-outdated backups are frequently unmonitored, which leaves the hackers to do as they please, undetected—tackling these colossal and lumbering systems to the ground. By the time anyone smells smoke, so to speak, it is far too late.”
Salvador Technologies offers an innovative set of solutions to this risk. First, their goal is to replenish and save a system once it is attacked. To make this work, Vusiker posited that a good rule of thumb is to follow the 3-2-1 principal: 3 copies, at 2 locations, with 1 copy offline.
The Salvador Technologies’s backup system, which is separated from the client’s system, runs for all of its clients across the world. Vusiker added, “As the famous adage goes, ‘Don’t put all your eggs in one basket.’ The outcome? When the viruses come, and systems begin to fall apart, it’s only a matter of minutes before things are up and running again. This prevents serious and possibly irreversible losses.”
Vusiker shared a story about an industrial chemical plant that suffered a catastrophic cyber breach, but due to Salvador Technologies’s solutions, their system was replaced within moments of the attack. This saved the chemical plant from serious losses as they were able to continue production as usual almost as if nothing had gone wrong.
The main product that Salvador Technologies offers is an edge site cyber response system. Essentially, every computer is individually monitored and guarded, with backups on a more atomized scale. This version is great for smaller networks, but they hope to introduce a more extensive system for the larger networks their clients operate. The new product would be a centralized version of Salvador Technologies’s already successful cyber-attack prevention and recovery system. Salvador Technologies is one of the first in the world to present this kind of centralized solution.
Another tool that Salvador Technologies uses to help its clients is their patented “Air Gap” cyber-attack prevention arrangement. An “Air Gap” maintains a complete separation between systems, preventing a hacker from making his way further into a company’s vital operating system. This approach is useful, given that it is common for hackers to enter through the unmonitored back up system. With an air gap in place, if a hacker has already penetrated a company’s backup system, he cannot continue forward into the core operating structure.
Salvador Technologies also provides customers with constant threat and virus detection. They monitor their vast industrial operating systems and provide constant updates on possible and incoming problems.
I asked Vusiker what he thought was approaching in the realm of cyber security in the future. His response was that aside from the advancements in hacker skill and technique, what looms in the future as a major challenge to his field is the application of artificial intelligence (AI).
When a hacker uses AI, he doesn’t just get smarter, he can use the AI as a tool during the process of hacking itself. According to Vusiker, AI tools can change their encryption during a cyber-attack, making it much more difficult to thwart the breach. Due to the challenges posed by AI, tomorrow’s cyber-attack prevention is becoming a wholly different task, with new and evolving difficulties. Salvador Technologies’s forward thinking puts them on track for being prepared for what’s coming.
Noam Taylor is a freelance reporter for The Journal of Cyber Policy