In today’s world, cyberattackers are increasingly able to penetrate and steal data from the world’s most heavily fortified data centers. They operate as profit centers, regularly leveraging technology to create new tools to launch attacks in an unpredictable fashion at a rate that overwhelms defenses.
It typically takes cybercriminals 5 days to breach an internet-facing system. Once a successful penetration occurs, the average cybercriminal’s residence time on a system before detection is over 180 days. During this time, they have virtually unlimited time to dwell on servers, escalate their access privileges, and move laterally to locate and exfiltrate sensitive data.
Targeted organizations with highly valuable data are continuously trying to defend against innovative, unpredictable and overwhelming attacks. Their IT departments are cost centers that are scrambling against the clock to update threat detection systems, using tools with built-in obsolescence. This results in an escalating, unwinnable and never-ending battle. In this landscape the best outcome for the target is a draw, until the next cyberattack technology advances.
It is possible, however, to externally disrupt this permanent power imbalance in the global cyber landscape by limiting two critical elements attackers require to be successful in their activities: A known Target (static and continuously addressable target) and Time (time on target).
Stratus Digital Systems provides a paradigm-shifting solution by denying the cybercriminal both Time and Target. We do this by creating on-demand servers with fresh, transaction-specific software, at randomly assigned, unpredictable IP addresses. Only the authorized transaction participants have access, with administrator accounts and privilege escalation risk being eliminated altogether. When the participant terminates the transaction, the transaction software is erased, the server is destroyed, and the IP address is retired. Thus, the attackers’ maximum potential dwell time drops from months to minutes. No territory remains for the attacker to exploit.
Stratus’ patent pending technology protects the highest yielding attack vector: networked servers connecting authorized users with databases containing sensitive and high value data. Creating on-demand, short-lived servers at unpredictable locations with random IP addresses results in dramatically diminished internet exposure and significantly reduced risk.
In addition to helping manage risk, Stratus enables organizations to reduce the costs associated with technology and human resources. Technology costs are reduced by shifting from continuous servers to on-demand, short-lived servers. Human resources costs are reduced through increased efficiencies (existing security systems, such as alert dashboards, are significantly quieted, enabling a more focused, strategic and efficient use of personnel’s time).