News & Events
How the BNS could prevent the recent attempt to poison the water supply following a cyberattack in the US?
The “Israel Defense Magazine” has published this article about a cyber-attack against the water supply infrastructure of the city of Oldsmar, FL.
An attacker remotely accessed the water treatment system and for a short time increased the amount of sodium hydroxide by a factor of more than 100.
If the attacker would also have changed the status sent from the sensor it would be successful, luckily the attacker didn’t do that.
The BNS appliances prevent such attacks by
(1) a dedicated virtual channel to monitor the abnormal activity of hazard materials
(2) preventing unauthorized remote access to the water operational network
(3) being invisible to the attacker
(4) create a passwordless secured tunnel to the hazard material controller.
Recently we see an increase in requests from water-critical utilities which are choosing to use BNS technology.
White Box Cryptography (WBC)
Our very own CTO, Dr. Larisa Tsirinsky, published yesterday an academic paper defining the White-Box Cryptography secured tunneling.
The digital edition of the Israeli high-tech magazine that was distributed this morning in Calcalist.
The article about us on page 2.
Below is an English translation:
Keep the guards
Protect the organization’s firewall – and prevent Trojan Horses
Hackers’ attacks on factories, organizations, and even countries are rapidly growing, and sometimes the firewall that is supposed to protect the system is the weak link. The Israeli company ES Embedded Solutions 3000 was one of the first in the world to present a solution to the problem.
Recently we have witnessed many hacker attacks, whether it be companies in the industrial sector, the insurance sector, vital infrastructure and more. “In many cases, this is a ransomware attack, such as in the case of a large insurance company and a FAB in the north,” says Yaron Mintzker from ES Embedded Solutions 3000, which provides information security solutions.
“Such attacks lock the entire company or enterprise, which is shut down until the information is restored or the ransom paid; and in addition, the hackers gain access to the company’s most sensitive information, having managed to bypass all layers of protection.”
Fortinet, one of the world’s leading firewall solution providers, recently announced that 49,000 VPN passwords of its customers (including government organizations and banks) have leaked out, and may have reached hostile parties. A similar problem also exists in industrial systems (SCADA), which are installed in sensitive infrastructures, such as factories, electrical installations, water utilities, and more.
The product developed by Embedded Solutions combines (WBC) White-Box Cryptography technologies, Layer 2 filtering, protocol independence, and network invisibility designed to handle such cases and provide the possibility of secure two-way communication while preventing attacks on the firewall seeking to open a “back door”.
According to Mintzker, “Existing defense tools like firewalls are also vulnerable to cyber-attacks. In most cases, it is phishing – someone who managed to gain access to the organization quite easily. It is enough that an employee would click on a link or open a file, or get some money to provide access to hackers. This is how a Trojan horse enters the system and enables the hackers to sabotage the company’s information and, in the case of critical infrastructure, carry out a terrorist attack.
“Our solution also protects the defense tools themselves from external attacks. The BNS itself does not have IP and MAC addresses so it is transparent, it cannot be seen and attacked. It provides external and internal protection, so in the case of a phishing attack that managed to enter the organization, it closes the breach and stops the hackers. “
In addition, says Mintzker, “we address the problem of many organizations who protect the communication between their branches by using SSL and VPN, such secure communication has an external password which is vulnerable. The BNS enhances the secure tunneling with WBC technology that is independent with no such external password keys at all, which are the weak points. “
“ES Embedded Solutions 3000 has been operating in this market for 18 years, In fact, we developed WBC solutions even before they were called that.”
Season’s greetings and warm wishes for a safe and healthy 2021
2020 challenged certainties about what we think is safe and what we believe is healthy in all areas of our lives.
We would like to wish our partners, suppliers, and customers a safe and healthy 2021!
ES’s drones show- Happy New Year
Look what The Marker’s cyber edition wrote about our recent activity during the COVID pandemic
Here is a Google translate version of The Marker article published today (June 28, 2020):
Innovative encryption for industry and critical infrastructure
The Cyber company- Embedded Solutions tracked Iranian hackers’ attacks on factories, critical facilities and companies and developed a response that provides secure communications – for both remote and IOT devices
By: Nadav Beit Halahmi
The COVID has affected not only people but businesses as well. Different companies behaved differently during the COVID 19 pandemic. For example, the cyber company Embedded Solutions utilized the COVID period for strategic thinking as well as for designing and developing new products based on the technological core of the company’s BitNetSentry (BNS) product line. It is a patent protected, operational and proven technology in Israel and around the world for over a decade.
The Mobile BNS (mBNS) is a new product, small in size and significantly cheaper than the popular iBNS (Industrial BNS). It is “tailored” to the changing needs of the industry that emerged during the COVID and provides secure communications – both for workers forced to work from home and for industrial and medical IOTs.
The product sets a security standard tailored to the new requirements in the economy. For example, it ensures that the communication between the endpoints (remote office and IOT devices) and the company servers, or the factory environment, will be really secure and not encryption-based and passwords like private VPN communications, because if a password falls into the wrong hands, accidentally or maliciously, External or internal hacker, then VPN security mechanisms become worthless. In fact, it’s like protecting a safe with a super-lock and in the same breath to provide the key to the breaker … The BNS provides autonomous encryption, which changes and exchanges keys in each packet of information, without any human intervention and without the use of passwords that, as stated, constitute a security breach.
The company has been following attacks by Iranian hackers on factories, critical facilities and companies in Israel and around the world. Common to these attacks, it turned out, was that the attackers mapped their victims’ network devices, thereby identifying firewalls, data leak prevention systems (DLPs) and similar defense tools. From here to penetration the organization, the distance was short. The insider hacker can collect information, change settings, and remotely control critical systems such as water installations, chemical plants, and the like.
Using BNS significantly reduces exposure to such attacks as it is “transparent” on the network, without IP and MAC addresses and does not add latency. Although the BNS is invisible to the hacker, it provides a set of detection, alert and response tools and thus constitutes a “last line of defense” against attacks that penetrate through firewalls and similar “visible” tools on the network.
In addition, BNS provides separation between IT (Internet technology) and OT (Operational technology) networks for critical infrastructure (SCADA), industry and critical facilities, enabling remote control, installation and maintenance that does not require experts, as well as two-way communication between the infrastructure environment and the organization environment and thus allows remote control of the facilities safely. On the same topic, this month, a leading global Israeli industrial company successfully integrated the BNS in one of its global plants.
What sets BNS apart from most cyber protection tools?
Visible protection devices are vulnerable and can easily bypassed. The BNS is hidden and therefore constitutes a last line of defense. Password-protected communication security is hackable as soon as the password is visible to the attackers. BNS has an encryption algorithm with no preloaded passwords and therefore is immune to password leakage. The BNS enables network separation in a way that enables two-way communication.
According to IBM, 60% of cyber attacks are done by insiders, which BNS protects thanks to an algorithm that eliminates the need for password provision and transparency.
Our iBNS network security appliance was mentioned in Calcalist (Israel’s leading financial daily) yesterday
Our iBNS network security appliance was mentioned in Calcalist (Israel’s leading financial daily) yesterday. The article was written in Hebrew, here are some parts of it translated to English,
“Secured AR (Augmented Reality) industrial control systems in the COVID-19 era.
Recent developments and innovations offer advanced management and control systems for the various Augmented Reality (AR) manufacturing processes. These capabilities enable full management and control of all industrial systems located on the remote production floor.
Establishment of the Miniature Industrial Process (SKID) for water spinning is a product of ongoing collaboration between Meptagon Group, PTC and Matrix that selected leading companies to build this unique and innovative solution that makes up the SKID environment:
E.S. Embedded Solutions 3000’s iBNS (Industrial Bit Net Sentry) is a unique cyber protection solution based on a patented technology that allows to prevent many sophisticated attacks including those that come from insiders (even IT persons with full administrator’s permissions). The iBNS itself is fully transparent for other network participants and, that is why, cannot be targeted by attackers.
The iBNS solution works autonomously without any human intervention and by that ensures a dynamic encryption that automatically changes at any packet with no preloaded keys.
iBNS is a transparent entity on the network (i.e. invisible on the network and therefore unattainable) iBNS is filtering suspicious communication by many criteria including bit combinations in data payloads. In addition, iBNS maps the communication to virtual channels according to the content of the network packets regardless of network addresses of the media sources, manages the bandwidth usage of every such channel in a bit-level and thus allowing to catch a lot of distributed attacks.
Physical SKID environment
Augmented Reality (AR) SKID environment
Our heart and thoughts are with everyone during this difficult time.
Recently, there have been many disruptions to business and daily life in places around the world in order to slow the spread of COVID-19.
The health and safety of our customers, employees, vendors, and communities are very important to us, and our thoughts are with everyone during this difficult time.
We would like to inform you that ES is monitoring very closely the developments around the corona pandemic and the recommendations from the WHO to ensure the safety of our employees, their families our partners and customers.
We have taken measures to ensure the safety and health of our staff. This includes moving away from face-to-face meetings and equipping our employees with modern communication and safety tools to enable them to work, meet, and collaborate remotely. We are still adjusting to this situation, so some things may take a bit longer than before. That said, we are doing our best to make this challenging period as smooth as possible for all parties involved.
We have all the tools to further support you and delivering you our commitments. We would like to reassure you about our availability and our focus.
Do not hesitate to contact your usual point of contact on his/her regular business phone or e-mail.
We wish you, your colleagues and your families a good health and all the best for the coming weeks.
We are looking forward to seeing you again soon.
Embedded Solution 3000 LTD (ES) report on the recent Iranian hackers’ attack
According to reports released recently, Iranian hackers exploited known firewall weakness and through private secure VPN communications penetrated internal networks of many global companies, we do not know what the attackers were trying to get and what is the damage they caused, we can say that after such an intrusion, these hackers can do immense damage, for example, to steal classified information, change classified information, plant malware and more.
To attack like that it is not difficult because firewall weaknesses are revealed from time to time, some firewalls weaknesses are even published from time to time, the hackers take advantage of the bypassing options and from this stage the way into the organization treasures is short.
Between the discovery of the breaches and their fixing, there is a certain amount of time that is usually sufficient for the hacker to log on to an internal network and be based there. Even if the breach is repaired, a number of backdoors are likely to be built in the meantime and the offender continues to celebrate inside … from this point “the sky is the limit” to the hacker. Gathering and transmitting information to an external server, changing server settings, building fictitious VPNs – these are just a few examples of the hacker’s damage.
So why do many firewalls and various safeguards not protect?
There are several reasons for this:
- Firewalls and similar protection products are networking products that allow remote access. The hardware and software versions, as well as other parameters of such products, can be identified. Hackers take advantage of every bit of information about these specific parameters to hack.
- You can’t forget about the human factor that defines VPNs within the company. This is usually an IT person who can maintain user credentials and VPN passwords. But sometimes there is an INSIDERS problem that accidentally or maliciously passes keys to an outside party.
- Once the offender has already established himself on an internal network, he begins to broadcast sensitive information outside.
Is there still something to do?
Yes. Although there is no way to guarantee 100% protection, the risk can be significantly reduced by installing “transparent” protection equipment on the network. Equipment that does not have IP and MAC addresses, which does not put pauses and automatically exchanges keys in each packet without any human intervention. This equipment that works invisibly is checking the legality of every VPN and every outgoing communication.
Embedded Solutions team wearing Purim costumes
This is how we are celebrating “Purim” at Embedded Solutions 😊
Look what the ISRAEL DEFENSE Press wrote about us
Although this article is not in English, we highly recommend to translate in google translate (obviously). The article posted yesterday in Israel Defense and focuses on our civilian cyber security product.
The article is recommended not only for those who have not heard of us … but also for all our partners, suppliers and customers since it is written in clear language but at the same time it is technical enough.
Have fun and contact us for clarifications.
Visit our stand at the Cyber Tech Global trade-show
Meet us at the Cyber Tech Global trade-show which will take place in TLV on January 28-30, 2020, and learn how BNS can protect your asset and data!
Serving as a global dialogue on threats and solutions affecting the global community, the Cybertech conference offers a chance for participants to learn about the most innovative approaches to cyber by some of the most prominent experts from the industry.
Conference sessions and special events include AI, Advanced IoT, Big Data, Cloud, Blockchain, and focus on a wide spectrum of different sectors ranging from Finance and Insurance, SCADA/ICS, Mobile and Communications, Health Industry, Smart Mobility, and many more.
** WE ARE HIRING **
We are looking for Software Developer to be part of our Software Development team.
Skills and Experience:
- Software engineer with 3+ years of experience in computer systems, software and architecture
- Experience programming with C/C++ for real-time operating system
- Strong in embedded software architecture
- A solid understanding of the network protocol stack, including L2 switching and IP Routing, TCP/IP, UDP
- Experience programming in Linux operating systems
- Linux Kernel and Device Driver development is an advantage
- Experience with JTAG and debuggers is an advantage
- Knowledge of hardware architecture is an advantage
- Proficient knowledge of one or more: PHP, Python, Perl, Java, .C# ,etc. is an advantage
- Self-motivated, strong sense of ownership, good team player
- Be open to continuous learning and committed to on-going self-improvement.
We would love to hear from you and possibly welcome you aboard!
Please submit your CV to : HR@embedded-solutions.co.il
Who shouldn’t be worry about the Quantum Computing development?
Recently I came across this brilliant article written by Germain Chastel- the CEO and Founder of NewtonX, who wrote about the latest quantum computing status,
For quite a long time now, we, at Embedded Solutions, keep an eye out for the cybersecurity threats the Quantum computing brings to our customers’ “secured VPN communication” over public networks . The good news are that this update should not worry our clients since their vulnerable VPN communication is already secured against brute force quantum CPU decryption- simply by enabling the “encryption without encryption” feature of the iBNS 😊
Want a free checkup? Just feel out this form, on the subject line specify: “I want a free checkup from quantum computing threats”
BitNetSentry new video clip
Today we launched a new video clip that illustrates in a very simple way how BitNetSentry protects our network from sophisticated and advanced cyber-attacks. I hope you’ll like it 😊
We Have Moved to a New Office!
We are excited to announce that our team has moved to a new location in Ramat Gan.
We spent the half year in reconditioning the space to fit to our needs. Our old office served us well, but due to new projects we won and company’s new challenges- we decided to move to an office with more space, better visibility, top secret safe room, modern development lab and a demo room.
Thanks for everyone’s support through the years and with the move.
The new address is 2 Ben-Gurion St. Ramat-Gan (B.S.R #1 building)
Photos: Embedded-Solutions at the Cloud Expo Asia (CEA) 2019
Despite our business partners own work pressures, many of them took out the time to visit our booth at the Cloud Expo Asia last week, We totally appreciate it! Thank you!
We look forward to grow our market share in APAC with you guys.
Thanks again! Here are few pictures from the CEA 2019 show.
CLOUD EXPO ASIA, HONG KONG – Date: 22-23 May 2019, HKCEC, HONG KONG
The largest dedicated cloud event for business.
Meet us at booth #E19 and learn how BNS can protect your asset and data!