Captain RDM – Episode #4 – Devil Wears Prada

Follow the never ending adventures of our superhero as he confronts cyber crime, state sponsored activities, internal abusers and supply chain attacks.

On this episode, our hero needs to face the toughest threat – the Human Factor. Basic legacy crime activities, such as threatening, manipulating and extortion of innocent people, resonates well with Hardware based attack tools campaigns. But, leave it to our hero to sort this out…

HAC-1

Sepio’s Hardware Access Control (HAC-1) provides a solution to this problem. HAC-1’s capabilities have resulted in a real-life use case where a client used the software to find a loophole to the issue at hand. HAC-1 provides organizations with complete visibility of all hardware assets within their infrastructure, including remote devices. In doing so, HAC-1 uses Physical Layer fingerprinting technology and Machine Learning to calculate a digital fingerprint from the electrical characteristics of all devices and compares them against known vulnerable and Rogue Devices. Additionally, the solution allows the system administrator to define a strict, (more granular), set of rules for the system to enforce.

When a device breaches the pre-set policy, HAC-1 automatically instigates a mitigation process that instantly blocks unapproved, or Rogue hardware, provided the software is in ARM mode. This is where the loophole comes in. With these administrative benefits, our client blocked all peripherals by setting the solution in ARM mode for the specific employee’s, or should we say ex-employee’s, device. Doing so rendered the machine useless. So whether they were a malicious actor or just a careless one, there were zero risks of a hardware attack originating from their device.