The foundation of the internet, DNS and PKI-SSL, is now threatened by attacks using SSL/TLS keys and certificates. We need an Immune System for the Internet to identify and neutralize key and certificate misuse.
Photo by Paulo Raquec. Unedited. Flickr.
When we humans created the cyber realm known as the Internet, we based its foundation on two fundamental technology pillars: DNS (Doman Name System) and PKI-SSL (Public Key Infrastructure-Secure Sockets Layer). DNS was the Internet's first technology pillar: It functioned like an address book and postal-delivery service, providing routing tables that got electrons (that is, electronic information) from Point A through 10 or 12 hops to Point B.
For a little while, DNS's miraculous ability to move information from computer to computer was enough.
Then people realized they couldn't necessarily trust the information they received via the Internet because there was no way to truly identify the sender. Peter Steiner's 1993 New Yorker cartoon delightfully illustrated this problem. In it, a computer-savvy canine tells his cartoon pal: "On the Internet, nobody knows you're a dog."
In 1995, Netscape's chief scientist, Taher Elgamal, spearheaded the effort to address the Internet's identity problem through the second technology pillar (SSL), and soon X.509 certificates were providing trustworthy communications to individuals and organizations everywhere. So foundational is this technology today that the New Yorker recently published a sequel to Steiner's famous cartoon—a 2015 cartoon by Kaamran Hafeez, wherein both dogs are computer savvy and the first says to the other: "Remember when, on the Internet, nobody knew who you were?"
For a little while, PKI-SSL's ability to establish trusted identities and to encrypt data was enough.
But in the last five years, many cybercriminals have successfully attacked businesses and governments that rely on the second technology pillar to provide trusted identities. And they've done it by using the pillar itself in the form of forged or stolen certificates and keys. You see: certificates and keys are powerful. They authenticate people, in this case the cybercriminals who stole or forged them, and they open the vaults to rich stores of information. They also encrypt data. So authenticated cybercriminals can use them to bring malware in, encrypted so no one can see it, and to send valuable data out, again encrypted. And the problem is only compounded given that many of Global 5000 organizations blindly trust the keys and certificates deployed on their networks.
To fix this problem, we need a third technology pillar: We need a cyber equivalent of the human immune system. Just as the human immune system travels throughout the body using HLA (human leukocyte antigen) markers to identify what is self and what is other, the Internet needs a technology that travels throughout cyber systems and identifies certificates that are forged or stolen—and then automatically neutralizes them, just as the human immune system automatically surrounds and destroys entities that are not self.
In other words, what the Internet needs if it is to have a whole and healthy foundation is the Immune System for the Internet™. Without it, the Internet's foundation will surely crumble. This is our mission: to provide global organizations with an intelligent, adaptive security solution that works like an immune system to secure the foundational trust that keys and certificates provide.
Check out this video on the Immune System for the Internet.