IBM is putting its recent Israeli security acquisition Trusteer to good use. The $1bn buyout of the Israeli financial security startup is giving IBM "a large footprint on the client side, and helping them with client cyber security, especially as IBM expands its cloud offering," said Trusteer CTO Amit Klein.
IBM, of course, is no stranger to security — IBM offers more than 100 cloud security products alone, for example. But Trusteer is helping IBM bump up its security portfolio, said Brendan Hannigan, general manager of IBM's security systems division. "Trusteer's expertise and superior technology in enterprise endpoint defence and advanced malware prevention will help our clients across all industries address the constantly evolving threats they are facing."
Established in 2006, Trusteer now has about 300 employees, and is one of the largest security firms working in the online banking space; among its customers are institutions such as Bank of America, Société Générale, INGDirect, HSBC, NatWest, and The Royal Bank of Scotland.
Although banks are generally conservative institutions, they were among the first to offer online services, going back to the 1980s. In 2006, said Klein, Trusteer CEO Mickey Boodaei "saw that banks were having a big problem securing transactions over their networks, with many systems open to attack by sophisticated computer data thieves".
Early versions of internet-based banking were rife with security holes, allowing hackers to use tricks like keylogging, screenshooting, and financial malware — "especially MitB, man in the browser systems," hijacking clients' computers to conduct phony transactions, Klein said — to steal. Boodaei "saw a great opportunity for Trusteer's technology in the banking space," Klein said.
That technology was delivered in the form of Trusteer's Rapport, which banks could incorporate into their client apps and web sites to prevent MitB attacks. Using behavioural algorithms that analyse the structure of malware strains (many of which have a great deal in common), Rapport prevents malware from taking control of a client's browser, and in addition prevents clients from connecting to phishing sites that look for all the world like the bank's site, but aren't.
In 2010, Trusteer released Pinpoint, which, when deployed on a network, detects if there are any malware-infected devices present. Clients who try to connect to the site using malware — it could be a legitimate customer with an actual account — are flagged and booted off the network, with bank officials able to decide what action to take (like reporting the fraudster's IP address to police). Unlike Rapport, Pinpoint does not need to be deployed on the client side at all.
Both Rapport and Pinpoint, Klein said, have been installed "tens of millions of times all around the world". Over the past several years, he said, Trusteer has moved into mobile security, developing versions of its technology for mobile banking apps, and last year came out with Apex, specifically designed for enterprise, that among other things protects systems from exploitations of application vulnerabilities, institutes security procedures for employee logins, and prevents employees from using login credentials on sites outside the enterprise network.
Taken together, Trusteer's stable of applications constitute a full set of online defence technologies, for deployment in online banking, or any cloud environment, Klein said.
"We have both client-side and server-side defence systems, so it's easy to see why IBM would be interested in what we do. I think IBM is getting a significant footprint in the client side and consumer side, and this is important to them right now," he said.
"We are now part of the IBM family and our solutions are being implemented both within and outside the company, and are continuing to develop solutions to protect companies and clients on networks and in the cloud."