Detect and Protect Network Assets from Cyber Threats with Quttera

Quttera provides SaaS-based malware detection solutions to identify unknown and "zero-day" threats on websites and alert users. Their technology combines artificial intelligence, multi-layer recognition engines, scoring layers, and other non-signature-based approaches to make web malware detection faster and easier. In this interview, Quttera co-founder and CTO Michael Novofastovsky discusses the current threats and challenges to cybersecurity and offers an elegant solution for small and medium-sized businesses.

Describe the story behind the company: what inspired the idea and how has it evolved so far?

Quttera was created as a center for innovative solutions to combat cyber malware. The three co-founders, including myself, set a goal to improve existing anti-malware tools and overcome limitations in the industry, such as signature-only based solutions, malware labs that rely heavily on manual research, zero-day attacks, and more.

It is our first patent registered in 2009 and is designed to detect vulnerability attacks in a given code or message. The algorithms and mathematical models in the patented methodology laid the groundwork for a heuristic and artificial intelligence-based technology called Quttera.

Since then, we have been developing new tools and services to detect, remove, and protect cyber assets from known and unknown cyber threats. Our technology has evolved into a multi-layered, feature-rich heuristic that works without signatures. Most importantly, it is designed to be flexible and can be adapted to the needs and specifics of any application. Any client system can easily integrate it and begin to leverage its ability to discover hidden threats, adapt and protect data, and connect to centralized threat intelligence databases.

For example, small and medium-sized business owners use our technology through ThreatSign, a SaaS website protection platform. Threat labs, email clients, telcos, hosts, security providers, cloud storage, ad inventory, IoT devices, and virtually any web-connected asset can use our technology via REST API.

Quttera products and services include web application firewalls, external malware scanning, server-side malware scanning, SSL management, automated malware cleanup frameworks, open port scanning, DNS attack monitoring, blacklist checking, uptime monitoring, and other security features.

What are the current threats that online businesses should be aware of?

Malware, spam, form data theft, denial of service, ransomware, and traffic theft are just a few of a long list of threats. You can find a detailed breakdown of real-world examples of each threat on our blog, but it would be difficult to list them all here.

I would say that the biggest threat or main cause of attacks on businesses is a lack of security education. Based on our polling, it seems that many SMB owners don't think their small websites or landing pages are targets because they don't have huge revenues or have no revenues at all.

This leads to poor choices in web hosting and website platforms and a complete disregard for cybersecurity, which quickly leads to infections. While ThreatSign's statistics show that the number of sites coming to us proactively to set up protection is growing, the vast majority of new customers are still heavily infected and blacklisted by Google, Norton and others. Malware and hacking attacks have become more sophisticated and automated. Another interesting statistic is that a typical business website is attacked more than 40 times a day.

Who are the threat actors and what are their motivations?

Most of the threat actors we see from customers who are affected and sign up to our SaaS platform, ThreatSign, for remediation are cybercriminals, hacktivists, and thrill-seekers. They are motivated by:

Profit: whether it's distributing SEO spam, phishing spam, emails, credit card information theft (skimming), clickjacking, traffic theft, ransomware, or DDoS. These criminals often operate internationally and have a lot of resources.

Website defacement and DDoS attacks: Their aim is to stop the information of the website owner from being passed on or to replace it with different information.

Playing hacker games: They are usually the least sophisticated attackers and use devices at home. However, they can cause serious harm to vulnerable sites.

What are authorities doing to stop cybercrime?

Law enforcement agencies around the world are working together to track down and shut down cybercriminals. The process is difficult because professional threat actors know how to hide their tracks. Many of them operate in countries where governments are less cooperative. Despite the difficulties, law enforcement has taken some impressive actions. But investigations can take years, and in the meantime, websites around the world have fallen victim. New gangs have replaced those that were shut down. Law enforcement doesn't eliminate the need for strong website cybersecurity.

How do you think the CCPA will affect the e-commerce industry?

The CCPA requires companies doing business in California to use reasonable procedures to protect their consumer data. This is a wake-up call to those who are careless. They will need to demonstrate that they have taken cybersecurity measures to protect their customers' data from being compromised. Many startups are offering compliance services, but not all are doing a good job. Those that offer cheap, low-quality services and think they are protected could suffer costly disappointment.

The smallest businesses are tax-exempt and they are usually the ones with the worst security measures. They shouldn't use a lack of legal obligations as an excuse to ignore security. The CCPA is just one more reason why they should have been doing what they should have been doing all along: implementing thorough, robust security protections for their websites and sensitive data. In addition, other regulations such as GDPR are pushing online businesses in the same direction. Security has always been crucial, but these laws are a reminder of the need to prevent data theft. Businesses need the help of companies with proven expertise to achieve the level of cybersecurity required by law.

Given the huge shift toward home offices, what should businesses do to ensure their operations?

Businesses face many challenges in securing their operations when operating remotely. Whether it's enabling everyone to work from home or moving all operations to the Web, these five key features are:

Availability: The solution should be highly resilient and highly available, as any downtime affects employees and customers and imposes heavy costs on the organization.

Scalability: The solution should be able to handle thousands of connections.

Flexibility: The solution should support scaling in minutes or hours while minimizing ongoing maintenance and cost requirements.

Simplicity: The solution should offer a choice of agent-based or agentless services.

Security: The solution must be inherently secure and provide a way to set tighter controls at a global or local level.

What trends and technologies do you find particularly interesting right now?

Cloud and IoT are simple. The physical and digital worlds will inevitably become closer together and change the way we live, work, learn and go about our daily activities. Smart connected devices and their digital twins will continue to communicate in real time. The IoT will eventually move into every industry, bringing more aspects of our lives into "virtual reality." I love watching demonstrations of new AR/VR experiences, Industry 4.0, smart homes, smart medical devices, and other exciting experiences that will soon be commonplace.

How do you see the future of your industry?

Bad actors interfering and controlling any point in the IoT chain in any way possible can cause physical harm. As a result, I can foresee more and more vendors targeting the scanning, management and protection of IoT assets. The market will become huge when SMB/SME adopts IoT, whether it's the servers that receive traffic, the controller devices, or the digital twins that exist in any digital model. All of these vectors will be targets for hackers and must be protected by cybersecurity solutions.

Today, our ThreatSign Web Security Network handles approximately 52 million requests per quarter and blocks an average of 1.2 million malware attacks. When the IoT enters the picture, you can imagine a network of scanned and protected IoT assets and other useful statistics to manage and assess the security of a company's IoT operations. We still don't know exactly what this will look like, but it's certain. I'm sure every cybersecurity vendor is working hard to prepare their technology and infrastructure, identify obstacles and challenges, and make sure they're ready for everything the IoT brings.

With new technology, it will be faster and easier to create and launch new websites. As a result, it's also driving the need to rapidly deploy cybersecurity defenses. One of our directions was to create a cloud-native, serverless protection, remediation, and monitoring 360-degree security solution that would allow us to scale and provide flexibility, simplicity, and of course, security. All of our protection modules, like WAF, are already cloud-native, and we're using Kubernetes to support customers and mitigate DDoS attacks.