Company ProfileCompany Profile: CounterStorm
CounterStorm
15 West 26th Street, 7th Floor
New York, NY 10010
Phone: 212.206.1900
Fax: 212.242.2975
Computer hacking is a threat to essentially all enterprises — everything relying on these fickle bits and bytes is vulnerable. For organizations especially prone to targeting by ill-intentioned folk — which includes most homeland security, infrastructure, etc. — computer security poses an even greater risk. The incidence of targeted attacks is increasing, and sometimes these attacks are so narrowly focused that they avoid the attention of major security companies and are only eventually, or even never, addressed. A great exposure to risk also arises during the lag between when a system or program vulnerability is discovered, and when the appropriate patch is installed.
CounterStorm is a young, New York City-based company that serves the market for protection from so-called “zero day” attacks, those which occur before security patches are issued or before a signature has been identified for a particular threat. Begun as a DARPA-supported project out of Columbia University in 2001, the company emerged from stealth mode earlier this month to roll out its sole product, CounterStorm-1. The product is a hardware device that sits on a network and monitors activity using three distinct detection systems: behavioral attack recognition, anomaly detection and a dynamic”honeypot,” or sandbox for attracting attacks to observe hacker tactics. While other companies offer solutions based on some of these strategies, CounterStorm’s Michael Rothschild tells us that CounterStorm is unique in blending the three inputs to correlate an attack and improve the system’s accuracy. He claims the rate of false alarms through CounterStorm-1 is under ten percent, while 30-40 percent false positive rates are not uncommon with other systems. Indeed, the company has a strong claim to fame in having detected and stopped the recent Sober variant Y attack — familiar from email promises of important CIA or FBI communications, or Paris Hilton pictures — in just six seconds. Rothschild believes the release of this worm a week ago, when security analysts and patch developers across the United States were kicking back from their desks to enjoy a turkey meal, may not have been coincidental. “Over the next month, these types of attacks will happen more and more frequently,” he warns.
DHS is one of the major players that has bought into CounterStorm’s solution. On 7 November, the company announced it had won two Small Business Innovative Research (SBIR) grants from the Homeland Security Advanced Research Projects Agency (HSARPA) of the Department of Homeland Security’s Science and Technology Directorate, for a total of $1.5 million in new funding. Rothschild feels the awards reflect a growing appreciation of the threat posed by zero day attacks, as well as interest in the company’s unique technology approach.
CounterStorm is the brain-child of Columbia University computer science professor and company chief science advisor Salvatore Stolfo, whose laboratory gave birth to the technology, and president and CEO Gil Arbel, a veteran of leadership with Sapiens Americas Corporation, Enterasys Networks, and Computer Associates International. The company holds some half dozen patents on its technologies, and has received initial funding from Novak Biddle Venture Partners, JK&B Capital, Paladin Capital Group, Metropolitan Venture Partners and Columbia University Science and Technology Ventures. The undisclosed client list includes “more than ten” organizations including federal and local government, and representatives of the health care and financial sectors. The company also appears poised for growth with the sector: industry research firm In-Stat predicts the intrusion prevention system market is set to reach $1.4 billion by 2008, up from $541 million in 2003.
Visit the company’s Web site, or view the HSARPA Web site