Truly anonymous virtual private lines connecting real-time from hundreds of countries worldwide to a state-of-the-art threat intelligence center — with no discernable latency? It’s all in a day’s work for Telos Ghost.
One of the world’s largest multinational financial services corporations with over $10 billion in annual revenue faces increasingly sophisticated threats from cyber criminals. These escalating cybersecurity threats put millions of dollars in transactions at risk each day.
To thwart criminals, the company had two choices: one, lock down their system to make it safer, but less functional. Given the competitive nature of the financial services industry, less functionality and flexibility would be corporate suicide — a move their competitors would celebrate. Their second choice? Maintain their open system and their competitive edge — but stay one step ahead of the criminals.
In order to mitigate the significant risk posed by cybercriminals in the more than 200 countries where they do business, the company decided to build a state-of-the-art threat intelligence fusion center with very specific technical needs and requirements. However, they faced two major challenges in bringing this center to life.
If you want to beat your enemy, you need to understand him or her. This means making sure you can gather real-time, uncompromised data — anonymously. Malware and attacks need to be studied and analyzed quietly without tipping off the enemy. Data needs to be returned to analysts quickly, without being traced.
However, doing this on a corporate network is risky. To mitigate risks, any environment used to study malware needed to be completely technically and commercially separate from the corporate network. This distinct network must also be set up quickly, with nodes available in short notice within any of hundreds of countries across the globe. Nodes that may ultimately be compromised and discarded, while new nodes are quickly created elsewhere.
The traditional way of setting up this kind of network using private leased lines is incredibly cost-prohibitive. Other custom solutions can be cost prohibitive, Telos Ghost routinely beats all other solutions when it comes to cost. However, cost is not the only issue.
Not only does this network need to be separate and distinct, it also must meet stringent performance requirements for uptime and minimal latency. It must also be completely anonymous. Latency tips off the enemy. Downtime costs money. Easily traced sacrificial nodes compromise investigations and expose organizations and their computing assets.
Because of this, traditional means of anonymization like Tor or one-hop proxies are inadequate. Why?
Whether you are sending or receiving data, Tor and similar products are notorious for latency, uptime issues, and identifiable nodes. Identifiable nodes makes it obvious that you aren’t where you claim to be, while network latency and uptime issues slows your investigation to a crawl. Not acceptable in a business where time can mean the difference between thwarting an attack or cleaning up after it.
The bigger issue is that Tor isn’t really anonymous, and neither are competing products. It isn’t hard for criminals to find published lists of their so-called anonymous nodes. Use these products, and you’re easy to track. A threat intelligence center that isn’t actually anonymous cannot gather the kind of data needed to justify its existence.
Is there any way to meet these challenges within a realistic budget and timeframe?
These unique needs and costly challenges meant finding vendors with novel solutions to intelligence gathering and analysis. Enter Telos Ghost.
The Telos Ghost team built a custom network infrastructure to support the firm’s extensive global reach, allowing them to have a presence in any of hundreds of worldwide locations in short notice. This new infrastructure is sustainable and flexible, and most importantly it is not connected to the company or their new threat intelligence fusion center in any way.
Not only that, but the network is truly anonymous and surprisingly fast. Nodes appear to be part of the local cyber landscape, and cannot be traced back to their source. Minimal latency allows for rapid data collection and online activities. Proven uptime means the intelligence team is always working, never waiting. Easily managed sacrificial nodes enable nimble data collection.
Only three weeks.
Far less than the company was expecting — less than $500,000. Not only is this incredibly competitive when compared to setting up private leased lines in over 200 countries, but it pales in comparison to the real costs of an actual cyber breach.
Not only was this affordable solution put in place quickly, but Telos Ghost can also be layered with other products to create a suite of robust and comprehensive threat intelligence tools. Because Telos Ghost passes all ports and protocols, it can be used seamlessly in conjunction with a wide variety of tools and applications that require obfuscation or managed attribution.
The new fusion center is up and running, and for this company it is absolutely mission critical. Threats against the company’s infrastructure are a threat to the life-blood of their business. It is imperative that they stay ahead of the cybercriminals — and thanks to Telos Ghost they can.
Because Telos Ghost gives our customers a distinct competitive advantage in the cyber war, we are prohibited from sharing their identities in the public domain. To learn more, please contact us about a demo or trial at 800-708-3567.
If your organization meets certain requirements, we will share additional information about this case study — and more like it — to give you a better understanding of how you can leverage the power of Telos Ghost.
To learn more, request a demo, or inquire about a free, no-obligation trial of Telos Ghost, call us at 1-800-70-TELOS (800-708-3567) or fill out our contact form today.