National Security News

Reporting the facts on national security

National Security News

AI Cyber Russia Uncategorized

Collective Defence is the Best Protection Against Cyber Attacks, says IronNet CEO.

State-sponsored computer hackers are weaponising artificial intelligence to launch cyberattacks against western militaries, governments, and private companies, according to a leading industry chief. 

Potential targets will need to adopt a form of collective cyber defence to protect themselves from sophisticated attacks by Russia, China, Iran and North Korea, the head of one cybersecurity company has said. 

Cyber Security Ransomware Email Phishing Encrypted Technology, Digital Information Protected Secured

In an interview with National Security News, Linda Zecher, the Chief Executive Officer of IronNet, a leading cyber security company, said that “bad actors” were now using artificial intelligence (AI) and machine learning (ML) in cyber warfare as part of an attempt to disrupt governments as well as steal crucial data from private companies. 

IronNet is now one of the world’s most innovative cloud-based cyber security companies and uses “collective defence” by sharing data to protect the company’s customers from cyberattacks by foreign governments. 

The company has contracts with the U.S. Navy and is due to begin working with the Ukrainian government to help protect the country against relentless Kremlin-orchestrated cyberattacks. 
IronNet also supports leading banks, government institutions and provides support to the Gulf state of Bahrain, which faces almost daily cyberattacks from Iran. 

IronNet CEO Linda Zecher. Source C5

Ms Zecher said that one way of combating the impact of bad actors was the use of collective defence, where institutions, what she calls ‘entities’, share anonymised data about the type and nature of an attack. 

She said: “Cyberattacks can shut down whole infrastructures. Bad actors, such as Russia, China, Iran and North Korea, can now get into networks. It is no longer the case that bad actors are going into individual computers and stealing someone’s data. These days, your simple computer is connected to your office and your home electronics so a small-scale attack can shut down your computer and your home. On a larger scale, a sophisticated attack can disrupt an entire organisation. 

“So the best way to protect against these bad actors is through collective defence, which is like a form of insurance against cyberattacks. Collective defence allows you to say if this is happening to entity A, either a government department or private institution, then entity B can share that information and protect against that attack.  

“It is a community that collects information from bad actors. The larger the community, the better the defence, which is what IronNet is building. We know that if bad actors hit one utility, they are going to hit others, and if they target one bank then they are going to attack multiple banks. Within governments, the targets can be senior officials or government infrastructure. By sharing that information, you are far better able to protect yourself.” 

IronNet is able to offer this form of collective defence because the company has created two unique products called Iron Dome and Iron Radar.  The products use AI to predict from where the threats are likely to emerge and what they are likely to attack. IronNet shares these findings with all of its subscribers to help protect their organisations from increasingly sophisticated attacks by hostile states. 

Ms Zecher added: “There are other products out there but they don’t provide security with collective defence where there can be collaboration across entities. 

Companies which would want to join buy a subscription and we normally sell for a three- or five-year period. We put sensors into their networks and we would start monitoring their data and then start sharing that data. The cost would vary depending on how large the entity is, how many sensors are required, there are multiple things to it. It is a Chinese menu of options which can be incorporated. 

“But the more entities which join, then the stronger the collective defence becomes. The cool thing about this is that the data is not exposed so if I’m a utility and I don’t want anybody else to know I’m being hit because that’s a private thing then I can share that data without the other participants in that sharing pool understanding that this is coming from a specific company, it keeps it anonymous. 

“If bad actors get stopped on one door and they go to the next – it’s constant. Just as we are getting smarter, they are getting smarter. The way we are getting attacked today across networks is completely different and far more sophisticated than how we were getting attacked a year ago. It’s warfare in the cloud.” 

IronNet was founded in 2014 by General Keith Alexander, the former head of the US National Security Agency and was at one stage valued at 1.2bn USD. But the company quickly ran into financial difficulties and had to file for chapter 11 bankruptcy, which meant that it was able to carry on trading while reorganising its financial affairs.  

IronNet’s collective defence is a completely new technology which requires information sharing both in the private sector and with governments. But most governments and private companies struggle with the concept of sharing confidential information – even if it is anonymised. The general assumption is that secrecy means security, but secrecy is hard to maintain and can isolate the defender.  Consequently, it has taken longer than IronNet’s management thought to make this cultural breakthrough. The management also underestimated the time it would take to get governments to approve information sharing. The net effect of tis was that IronNet went public too early and missed two quarterly forecasts, which led to the collapse of its share price. IronNet  has now recovered from the mistake through a successful Chapter 11 restructuring that makes it a private company again. Despite its financial difficulties it made breakthroughs with winning NAVSEA and Ukraine as clients. 

Ms Zecher added: “We filed for chapter 11 bankruptcy last October because we needed to restructure the company. The good news is that we are emerging from that. IronNet is now going to be a private company, it’s not going to be a public company. We have new management, new investors but our customers stay with us. This is the new IronNet – the IronNet 2.0 and we are very excited about where the company is going to go and our prospects for the future. The majority of our customers stayed with us because they saw the value in the product and the services that we provide.” 

Despite the financial issues, IronNet managed to keep hold of the majority of its customers including the U.S. Navy Sea Systems Command (NAVSEA), whose primary role is to engineer, build, buy, and maintain the U.S. Navy’s fleet of ships and its combat systems, NAVSEA’s. The organisation has a budget of almost $30 billion, which accounts for nearly one quarter of the Navy’s entire budget, with more than 80,200 personnel and 150 acquisition programmes under its oversight. 

Ms Zecher added: “While NAVSEA is very well protected the supplies are not necessarily so well protected – but what we do is protect the supplies and we maintain that data across all of them so that if one is hit then we can not only secure that one but help secure the others.  It is the supply chain which can be targeted and used as a way of getting into a very secure organisation. But a supplier who is not protected by your framework can do incredible harm to your network and bad actors know that and they come in through these vulnerabilities and that is what we try and protect against.” 

IronNet is close to signing a multi-million USD contract with the Ukrainian government which will see Iron Radar and Iron Dome incorporated into the country’s cyber defence system. 
Just last week the Ukrainian government disclosed that three government organisations had been hit by a large-scale cyberattack. Kyiv said that the country’s state-run energy company Naftogaz had been attacked. The Ukrainian national postal service Ukrposhta also reported a “significant technical failure” in its IT systems. 

Navsea locations – one of IronNet’s clients. source US Navy

Ms Zecher added: “The Ukrainian government is getting funding from governments around the world so it’s taking a little bit of time but it’s moving forward, and we expect to get that done within the next weeks to maybe a month or so. The contract will be worth upwards of 9m USD in phase one and in phase two it is significantly larger than that but in both cases, it’s going to be a very good contract and an annual renewal contract with IronNet.” 

She said that Russia was conducting sophisticated attacks against Ukraine. 
Returning to IronNet’s financial health, Ms Zecher said: “Like any other company, IronNet is going to grow within our budget and in the right way – it’s going to be smart growth. The company is at a point of cash-flow break-even, which is critical for any organisation. We are financially sound, and we have good investors behind us. The future looks very exciting.” 

Sean Rayment is the Defence and Security Editor for National Security News. He is also a best selling author, broadcaster and award-winning defence and security journalist. He has also previously served as an officer in Parachute Regiment Officer. He has reported from war zones around the world including Iraq, Afghanistan, the Balkans, Africa, and Northern Ireland and is one of the few British journalists to twice visit the US detention centre at Guantanamo Bay in Cuba. He has written for virtually all British national newspapers and specialises in security, intelligence, and defence reporting, with a specific interest in mental health issues in the military community. Sean is also the author of Bomb Hunters and Tales from the Special Forces Club. He also co-wrote the international bestselling Painting the Sand with Kim Hughes GC and Endurance with former SAS operator Louis Rudd.