Cyber security breaches in the Middle East are widespread and frequently undetected. Photographer: Daniel Acker/Bloomberg
Cyber security breaches in the Middle East are widespread and frequently undetected. Photographer: Daniel Acker/Bloomberg

US firm on a mission to contain hacking



Every time you search for something on Google, hail an Uber or log into a bank account, your personal data probably flow behind the scenes through a series of separate, freestanding packages of software known as containers.

Although invisible to the user, this method has become the dominant way to code apps today. Programmers like it because it allows them to change one feature without breaking their colleagues’ work, and it helps software run more efficiently, saving companies money.

But the process is also giving hackers lots of new ways to steal people's information. Instead of a user's data going directly to one place, they can jump between dozens of containers for a single action. Hackers only need to gain access to one. Because of the way most containers are designed, they are black boxes on a network. Administrators may have no idea what is happening inside them.

This threat went largely unnoticed for a while as containers proliferated throughout the software industry. In 2014, it caught the attention of Sameer Bhalotra, the former senior cybersecurity director for the US president Barack Obama and an ex-Google employee. Mr Bhalotra created StackRox to address new techniques that exploit container technology.

“Enterprises are flying blind,” said Mr Bhalotra, speaking publicly about his start-up for the first time. “They often have no idea if a container went down by a design - it was no longer needed as user activity decreased - or due to an IT configuration error or a human error or an attacker.”

"[We] obsessed for nearly three years on building adaptive threat protection for containers. Instead of retrofitting old security approaches, we took the time to build a container-native platform from scratch," he said.

StackRox is backed by a Silicon Valley A-list of chief security officers, including Uber’s Joe Sullivan, Facebook’s Alex Stamos and SAP’s Justin Somaini. StackRox is in the process of completing a new funding round, according to reports.

A quarter of all large companies now use containers, and corporate spending on the technology is projected to double over the next two years to US$2 billion, according to 451 Research. Many companies rely on software from Docker, a start-up valued by investors at $1bn. Jay Lyman, an analyst at the research firm, said there is a “gold-rush mentality” to adopt the tool without a full appreciation of the risks. “Security is the number one challenge,” he said.

Docker and StackRox have become close partners, but Mr Bhalotra was not the only one to notice an opportunity. Aqua Security Software, an Israeli firm that secures containers, has attracted funding from the local cybersecurity billionaire Shlomo Kramer and Microsoft Ventures. The San Francisco-based Twistlock has raised some $30 million from Dell and other investors.

Uber is a devotee of the container, as is Alphabet’s Google, which has said every service it offers today runs on the technology. Google uses more than 2 billion containers a week. But these tech juggernauts have highly sophisticated security operations to deal with potential threats. Mr Sullivan said the company created its own software to detect container attacks. “Our security engineering team must be able to blend off-the-shelf security products with a great deal of custom work,” he said.

City National Bank first considered adopting containers last year, but none of its existing security systems could track them. “It’s hard to know if a new container that shows up is really supposed to be there,” said Gene Yoo, the head of information security at City National. Then the Los Angeles bank found StackRox and Docker. It is now moving “aggressively” to containers for its website and payment systems, which is reducing costs. Docker said its technology addresses key security threats that faced apps using earlier approaches without containers.

One feature of containers that hackers are actively exploiting is that they are ephemeral, Mr Bhalotra said. In attacks his company has studied, containers use a kind of suicide switch that controls when they are shut down and hackers who get inside often install malicious software to flip those switches. The code allows them to erase all evidence showing they were there. “Enterprises with advanced IT infrastructures are moving to containers, but they aren’t sure how to address security,” said Mr Stamos, who is also a StackRox backer.

Hackers are eager to take advantage, as StackRox found this spring when it began monitoring a major financial services firm. (Mr Bhalotra asked not to identify certain details about the project to protect the company's work.) StackRox said it detected more than 500 threats aimed at the finance firm's container software during a single month.

For Mr Bhalotra, thwarting malicious hackers is more than just business, it is a calling. "I’ve spent my entire career in security, from Washington DC to Silicon Valley, striving to find better ways to stop the bad guys and drive the security field forward," he says. "At StackRox, I have a simple mantra: build team, build product, serve customers. Our business is about earning trust."

Bloomberg

Race%20card
%3Cp%3E6pm%3A%20Al%20Maktoum%20Challenge%20Round%201%20%E2%80%93%20Group%201%20(PA)%20%2450%2C000%20(Dirt)%201%2C600m%3Cbr%3E6.35pm%3A%20Dubai%20Racing%20Club%20Classic%20%E2%80%93%20Handicap%20(TB)%20%24100%2C000%20(D)%202%2C410m%3Cbr%3E7.10pm%3A%20Dubawi%20Stakes%20%E2%80%93%20Group%203%20(TB)%20%24150%2C000%20(D)%201%2C200m%3Cbr%3E7.45pm%3A%20Jumeirah%20Classic%20Trial%20%E2%80%93%20Conditions%20(TB)%20%24150%2C000%20(Turf)%201%2C400m%3Cbr%3E8.20pm%3A%20Al%20Maktoum%20Challenge%20Round%201%20%E2%80%93%20Group%202%20(TB)%20%24250%2C000%20(D)%201%2C600m%3Cbr%3E8.55pm%3A%20Al%20Fahidi%20Fort%20%E2%80%93%20Group%202%20(TB)%20%24180%2C000%20(T)%201%2C400m%3Cbr%3E9.30pm%3A%20Ertijaal%20Dubai%20Dash%20%E2%80%93%20Listed%20(TB)%20%24100%2C000%20(T)%201%2C000m%3C%2Fp%3E%0A
COMPANY PROFILE
Name: Kumulus Water
 
Started: 2021
 
Founders: Iheb Triki and Mohamed Ali Abid
 
Based: Tunisia 
 
Sector: Water technology 
 
Number of staff: 22 
 
Investment raised: $4 million 
The smuggler

Eldarir had arrived at JFK in January 2020 with three suitcases, containing goods he valued at $300, when he was directed to a search area.
Officers found 41 gold artefacts among the bags, including amulets from a funerary set which prepared the deceased for the afterlife.
Also found was a cartouche of a Ptolemaic king on a relief that was originally part of a royal building or temple. 
The largest single group of items found in Eldarir’s cases were 400 shabtis, or figurines.

Khouli conviction

Khouli smuggled items into the US by making false declarations to customs about the country of origin and value of the items.
According to Immigration and Customs Enforcement, he provided “false provenances which stated that [two] Egyptian antiquities were part of a collection assembled by Khouli's father in Israel in the 1960s” when in fact “Khouli acquired the Egyptian antiquities from other dealers”.
He was sentenced to one year of probation, six months of home confinement and 200 hours of community service in 2012 after admitting buying and smuggling Egyptian antiquities, including coffins, funerary boats and limestone figures.

For sale

A number of other items said to come from the collection of Ezeldeen Taha Eldarir are currently or recently for sale.
Their provenance is described in near identical terms as the British Museum shabti: bought from Salahaddin Sirmali, "authenticated and appraised" by Hossen Rashed, then imported to the US in 1948.

- An Egyptian Mummy mask dating from 700BC-30BC, is on offer for £11,807 ($15,275) online by a seller in Mexico

- A coffin lid dating back to 664BC-332BC was offered for sale by a Colorado-based art dealer, with a starting price of $65,000

- A shabti that was on sale through a Chicago-based coin dealer, dating from 1567BC-1085BC, is up for $1,950

Our Time Has Come
Alyssa Ayres, Oxford University Press

Profile of Hala Insurance

Date Started: September 2018

Founders: Walid and Karim Dib

Based: Abu Dhabi

Employees: Nine

Amount raised: $1.2 million

Funders: Oman Technology Fund, AB Accelerator, 500 Startups, private backers