Spawner Storm

Spawner Storm: An Introduction

Always Innovating

One key goal of innovation is not always to do something new, but to do something better. The process in which Fognigma communicates with various cloud service providers, leasing and building virtual machines, and uniting those machines to function as one invisible and secure network is new (which is why it’s patented). But we’re not content with just creating an amazing product and then resting on our laurels—we want to continue to make the product evolve into an even better version of itself. We are constantly checking our software and stretching our brains to figure out ways to make it more secure, more undetectable, and more valuable to the customers who use it.

Which is why we created Spawner Storm, a revolutionary and patent-pending method for anonymizing Fognigma Network builds and communications even more. But we’re getting ahead of ourselves. Let’s first describe the issue and then we can showcase Spawner Storm’s technology and how it takes Fognigma Networks to the next level.

Even a Little is Still Too Much Association

When the Fognigma engine builds a network, it sends messages to the cloud service providers communicating the plans to build each virtual machine. Then, the engine continues to talk to the cloud and all the virtual machines. What we realized is because the engine has a set IP address, if anyone could discover some of the virtual machines and see the IP address that was communicating with it, they’d be able to associate all the machines. That is, they could tell the virtual machines were working together and then trace them back to the engine using the discovered IP address of the engine. This sort of association could possibly lead a nefarious third-party right to your Fognigma’s engine’s front door and, from there, learn where your organization is located, your IP address, etc. Even the remote possibility of this happening is not acceptable to us. We had to find a solution.

Suddenly, the sky darkens and thickens with a mass of water-laden clouds. Lighting and thunder tear the sky open and the rain begins to deluge down. The Storm is here.

dissociates communication

Unleash the Spawner Storm

Spawner Storm dissociates the Fognigma engine from its components and build requests like never before. It does so by leveraging our patented Portal Proxy solution. Portal Proxies are unique, on-demand URLs from which users access web services (including internal Fognigma components). Portal Proxies add a singular dissociative layer between the user and the web service (i.e., between the two communicating parties).

What Spawner Storm does is create a mass of Portal Proxies and then passes all the virtual machine build requests and further communications to Fognigma components through those proxies. In one test we performed, we created a Spawner Storm with 200 Portal Proxies through which to pass communications. At the end of the test, the virtual machine we were pinging noted contact with over 60 different IP addresses spread throughout clouds in various locations across the globe.

Spawner Storm ensures that communications between an organization’s Fognigma engine, cloud service providers, and all virtual machines are as scattered as possible to prevent any chance of association.

Working together yet seeming apart is one of the main benefits Fognigma can offer organizations, and Spawner Storm is the newest innovation to make that separation even more separate. For more information on Spawner Storm or Fognigma or to schedule a demo, please contact us here.

Smart home technology of interface with 3d plan building and internet of things or IOT connected objects. Control safety and automation of smart house. Internet of things isometric technology concept.

Fognigma’s Scheduler Automation: An Oasis in the Cybersecurity Drought

A Cybersecurity Drought

Sure, we don’t all have jetpacks or flying cars as all the science and speculative fiction of old prophesied, but one thing they sure did get right is our reliance on computers. Computers and the Internet are so completely woven into the fabric of our lives that there’s no turning back. The future is here. Yay. The only problem is: with every new technology, there come those who exploit that technology for their own evil ends. And thus, cybersecurity was born to protect the good against the threats of the bad. A big issue with cybersecurity is the manual oversight with protecting your network, imagine being able to implement network automation to more easily protect, create, and break down secure networks.

But there’s a problem which has recently come to light. Though organizations might be able to fully control their investment of time and money into their cybersecurity, they cannot control the amount of people who are qualified to actually do all the cybersecurity-ing.

There will be an estimated 3.5 million unfilled cybersecurity positions by 2021  –Cybersecurity Ventures

Sadly, it’s true: because of the rise in cybercrime, the job pool of cybersecurity professionals just can’t keep up with the demand. Security executives see one of the main reasons for this empty-ish candidate pool is prospective employees lacking the skills and training needed (less than 1 in 4 are qualified, according to a survey by ISACA).

The Information Systems Security Association (ISSA) and independent industry analyst firm Enterprise Strategy Group (ESG) back this up in their own survey. Their findings show this shortage actively impacts an organization’s cybersecurity, leading 91% of respondents to conclude most organizations are cyber-vulnerable. Also highlighted in this survey is that 40% believe staff burnout and turnover (as few attempt to do the work of many) strongly contributes to the deficit of cybersecurity employees.

Office Cybersecurity

The US Government has noticed the shortage, as well, and is trying a new program to help train current employees not currently in IT fields to be the cybersecurity workforce of the future. It’s called the Federal Cybersecurity Reskilling Academy and though it’s not considered to be a complete solution, Suzette Kent (Federal CIO) has stated, “[this program] will let us understand the success rate and look to expand and industrialize [programs] across the federal government.” It’s a small step (the first class will most likely be less than thirty), but a step nonetheless in the right direction of increasing cybersecurity training.

In short, organizations need more qualified cybersecurity personnel than currently exist. However, all is not lost. If organizations were able to implement network automation to handle a majority of the usual manual work necessary, cybersecurity would become more of an everyday thing then something dreaded or caused by human error.

 

Network Automation with Scheduler

Let’s start out by saying we don’t think Fognigma is a panacea for the lack of cybersecurity staff, but it is a powerful tool in allowing organizations to better manage their resources. Fognigma (explained in more depth here) lets organizations create invisible and encrypted cloud-based networks which conceal the organization’s communications and collaboration. Fognigma’s networks are built of strategically leased virtual machines (from various cloud providers) all working as one network. Fognigma is patented, proven, and ready to take any organization’s cybersecurity to the edge and beyond.

But there is one key feature of Fognigma which provides this oasis in the cybersecurity desert in which we all find ourselves, and that is the Scheduler interface. Scheduler lets you plan out and schedule your network and component builds. Quite simply, our thought was, ‘If no one is in the house, why do the lights need to be on?’

network automation
Fognigma automates the build of networks, and the teardown of them as well

Actually, that’s not right. With Fognigma, it’s not that the lights aren’t on – it’s that the house isn’t even there and looks like it never was. Or, for example, if your network stays active but you only want your entry and exit points (i.e., where users get into and out of your network) active during business hours, then it’s like the doors on your house disappear at night and reappear somewhere else in the morning. Or, for another example (because examples are fun), you need a video conference server for just Thursday, then it’s as if an entire new room appears in your house with a home theater – but just for that one day.

What Scheduler does is allow you to control when (and where, since you can specify cloud service providers and location for some of the components) your network (in whole or in parts) actually exists. Since all the parts are specialized virtual machines, once they are destroyed, they are overwritten by the cloud provider. They truly cease to be. When you rebuild them with Scheduler, they are completely new with new IP addresses. Back to the house example, this would be like your house disappearing when you go to work and then reappearing in a different configuration in a different neighborhood when you return home, and only you know your new address each day.

Apart from the cybersecurity brownie points the dynamic nature of Fognigma gives you, there is an even more applicable bonus when applied to resources. In most organizations using a standard network, someone needs to be on call 24/7 in case something happens. Since it’s always on, that network is always visible and can be attacked at any time. Even during working hours, if a chat server, for instance, is used for team meetings every Friday, it still exists as a potential exploit for evildoers all the other days of the week. Someone has to monitor everything at all times.

Fognigma allows your cybersecurity team to do more with less. Are we saying you only need a tiny team to protect your organization if you use Fognigma? Not at all. We’re just trying to illustrate how Fognigma will let your team work more efficiently. Plus, if you think about it, there’s a major cost savings in not having everything on when it’s not needed. With an introduction of network automation to your cybersecurity strategy, it becomes less of an extra task and more of something you can depend on.

Back to the ISACA survey: 55% reported that it took at least 3 months to fill open cybersecurity positions, while 32% said it was more like 6 months or more. Whether you are in those percentages and searching to fill your cybersecurity needs or you already have your team in place and just want the most leading-edge protection possible, Fognigma is the twinkling oasis in the cybersecurity desert for which you’ve been searching.

Isometric modern cloud technology and networking concept. Web cloud technology business. Internet data services vector illustration.

Supporting Offensive Cyber Operations

Offensive Cyber

In the 2018 Department of Defense Cyber Strategy, the DoD outlined a change in cyber defense tactics. One of the new strategies is called ‘Defend Forward’  (which we explored in a previous blog post). In short, Defend Forward charges organizations to shore up their cyber defenses and not sit around waiting for someone to attack and test them – to continue to move forward, all while fully defended. Definitely a shift in cyber defense strategy, as offensive cyber operations are on the rise

offensive cyber operations
Protecting your data is important

But the Department of Defense didn’t stop there. They also stated they “will employ offensive cyber capabilities and innovative concepts that allow for the use of cyberspace operations across the full spectrum of conflict.” Yes, the DoD is actually mentioning the need of offensive cyber operations. The new future involves not only arming one’s organization with mobile cyber armor, but also searching out and destroying threats before they can become threats. Fognigma’s patented software solutions are ready to support this new cyber defense strategy. Read on to learn more!

Fognigma Makes You Invisible

We must start by saying that Fognigma is not an offensive tool. It does, however, provide a patented and proven way for you to hide your operations from spying eyes. Fognigma gives you the power to create encrypted, cloaked Mission Partner Networks (MPNs), allowing total protection and anonymity of communications. An MPN is built from strategically leased virtual machines from one or more cloud providers, which work together as one powerful network.

With Fognigma, you completely control your MPN without any third-party interference or oversight. You run it; you own it. You exist now without anyone watching over you. Fognigma also gives you full command over your online presence. By managing your online attribution, you can craft your online appearance to separate who it looks like you are, where it looks like you are, and what it looks like you’re doing from what’s actually going on.

Secure Network Infrastructure

This invisibility of network and communications is paramount for organizations who conduct offensive cyber operations. Too often, offensive ops are compromised by parts being easily discovered and/or associated. A good example (and warning for the future) involves all the new info that’s been revealed about the big 2009-2013 CIA breach. Simple Google searches by third parties revealed sites that had similar aspects to them, leading to the correct assumption that they were, in fact, operated by the same group. This was later used for interception and exfiltration of sensitive information about offensive ops.

As previously stated, Fognigma is built from various virtual machines (VMs). These VMs only know of their immediate neighbors, so the network can’t be compromised should one VM be breached (which is statistically impossible given the nature of Fognigma’s encryption technologies). Also, organizations have the option to use Fognigma’s Portal Proxy technology (also patented) which allows them to create anonymous and disposable URLs for different Fognigma components. With Portal Proxies, organizations can give users their own URLs, so even if multiple people are accessing the same component, from the outside, it will look like they are going in different directions. This disassociates the users from the organization and from each other. And the more disassociation an organization can create during offensive operations, the less chance of activity correlation which could lead to a compromise like the aforementioned CIA operations.

Fognigma Has Global Reach

In order to properly engage in offensive cyber operations, organizations need global access. This is another area where Fognigma shines. Because of Fognigma’s structural nature, all the parts of the network and internal communication components can be built in different areas of the world. If you needed a file share residing in India, you could have just that (built in a few mouse clicks). All users granted access to that file share could access it when they connect to your MPN from wherever they are in the world.

Fogngima Networks Span the Globe

Fognigma also gives you global reach in an intelligent manner. Meaning, it normally doesn’t behoove an organization involved in operations in one part of the world to appear to be coming from another part of the world. Fognigma solves this by the properties of an MPN’s exit points. Without going into too much technical detail here, users leave an MPN by going through admin-created exit points. Once a user goes through an exit point to the Internet, their IP matches the country in which the exit point is located. This is invaluable when not wanting users to appear to be foreign to the part of the world in which they are conducting operations.

Fognigma Provides the Tools for Offensive Operations

But, Fognigma isn’t just an invisible network. Inside your MPN is a suite of communication and collaboration components which allow your operations to stay in constant contact. As soon as your device connects to your MPN, you’ll have access to: traceless telephony (with a misattributable call chain feature for safely communicating with untrusted external parties), protected video conferencing, and secure chat messaging. A file share is also hidden within your MPN for the safe storage and transfer of files.

secure telephony
Secure Telephony

And then there’s Fognigma’s superpowered Virtual Desktops (VDI). Fognigma’s VDIs have all the features of normal VDIs plus many more that only Fognigma can deliver. For instance, you can now transfer files from a USB directly to your VDI, completely bypassing the host computer. If there is a file on the host computer you wish to transfer, you can copy it to your VDI as easily as dragging and dropping it. Fognigma VDIs can be used as a super anonymous and temporary way to access other MPN. For example, you could initialize a VDI, connect to a video conference inside your MPN (assured that the audio is also safe, as Fognigma ensures all audio is proxied to ensure no IP leak), communicate with your team, and then destroy the VDI when done. When any part of an MPN is destroyed, the components are wiped clean and completely overwritten by the cloud providers, eliminating all digital forensics. It’s as if none of it ever really happened.

Fognigma is the Base Offensive Operations Need

A secure cybersecurity base for offensive operations needs to be a multi-tool, a transformer, and a cloaking device which can fit in your pocket. It needs to make the world think you are doing one thing, when you are actually doing something else. It needs to separate the connected and connect the separated. And, most of all, it needs to do all of this without anyone realizing it’s doing anything at all. That list is a good summary of reasons why Fognigma was created. We wanted to give organizations that toolbox, that utility belt, that base on which to build their operational success. And more than that, Fognigma was developed (and continues to be developed) to give the US Government and its military forces the advantage on the world stage. Fognigma puts the power of cybersecurity in the hands of those who will use our technology to make the world a safer place for all of us.

bigstock-Isometric-Internet-Security-Lo-238957666-Converted-01

Protect Your Things

IoT Is Only Getting Bigger

The Internet of Things (IoT) is growing larger day by day. With thermostats monitoring and virtual personal assistants listening, it’s getting quite easy to become surrounded by things. Things are great! They can help you turn on lights and buy dog food and find out what the weather is like without having to look out a window. But things do come with risks. These things could risk your network security, data, users, intellectual property (IP), and even your entire company!

internet of things (ioT)
Connected to everything with cybersecurity

It’s to be expected, really, if you think about it. Each device asks to connect to your network and then monitors something, often communicating out to the Internet. Each thing is now a new window or door into your network – a new safety vulnerability disguised as a handy device.

People Forget About Security

Often, people add smart devices in their homes and offices without any thoughts of security. It’s assumed that the company who created the device was smart enough to add in some measure of safety. Sometimes this is true with the more conscientious manufacturers, but many times network safety is sacrificed for speed to market (gotta get those sales numbers up). This isn’t safe for your home network, and it can be disastrous for your office network.

open network
Opening your network to leaks due to devices

Imagine an enemy agent out there watching your company. Suddenly, a thing pops up on his radar. To you, it’s just a little monkey on your desk that opens its umbrella when it is going to rain (and if that doesn’t exist, it really should). To the enemy agent, it’s a poorly protected entry point to your company’s network. The monkey might tell you that it’s going to rain, but what it isn’t telling you is that the rain is really the tears of your company as all its important information is exploited.

Insecure IoT Can Ruin Your Company

The monkey might be a simplistic and dramatic example, but the main points are solid. Adding unsecure items to your office network can be disastrous. Though we highlighted a frivolous IoT toy, there are many things that are very valuable and useful to businesses and organizations: the aforementioned thermostat, moisture sensors, factory automation things, HAL 9000, security devices, and even a fishtank in a casino!

The first thing to do is make an IoT security plan (i.e., what to do when someone wants to add a new device to your network), and the first step of that plan is to take the new device to the IT department for evaluation. Is it from a known and/or trusted manufacturer? Does it have any safety features built into it? Does it often get its firmware updated? Who will monitor and make sure updates are done in a timely manner (this one is really important)? In short, is this good for the company (read: worth the risk to your network)?

How to securely add a device to your network, discuss with your IT department

Making a plan gets everyone in the habit of thinking before they add a new thing – and, to be quite blunt, users should never stop thinking. But we want to make your IoT security easier and safer – with Fognigma.

Fognigma takes a multi-prong approach in protecting your things by protecting everything on your network. In a nutshell, Fognigma creates a Mission Partner Network (MPN) in parts spread out across multiple cloud platforms, which function as one. This creates an invisible-to-outsiders network in which your data, your communication tools, even your current network (depending on your Fognigma deployment) live. Your IoT devices are also inside the protection of your MPN, as well.

IoT devices connect to the MPN through a bit of hardware called a Wicket. Depending on how you have your IoT spread out through your organization, each device can have its own Wicket, or they can clump into little IoT hives and several devices can connect through one Wicket. Once connected to the MPN, your things are now invisible to external threats.

MPNs prevent metadata snooping (a key way third parties discover networks to exploit), which means network threats won’t even know your IoT devices exist. Fognigma is already in line with the NIST’s recommendations for IoT security by wrapping each connection inside an MPN with the recommended AES-256 encryption. Only, Fognigma doesn’t just use one layer of AES-256 encryption – everything inside your MPN is double wrapped for extra security.

A company that uses Fognigma will have a major advantage in the IoT world, as Fognigma makes sure your IoT remains only your IoT. That’s the magic of Fognigma. We’d like to chat more about this, but the thing on our wrist (which is connected to our phone, which is connected to the refrigerator) is telling us it’s time to get up and get a snack.

Isometric vector Internet hacker attack and personal data security concept. Computer security technology. E-mail spam viruses bank account hacking. Hacker working on a code. Internet crime concept

Defeating Browser Fingerprinting with Fognigma

You’re Always Being Watched Online

As Joseph Heller aptly wrote in Catch-22, “Just because you’re paranoid doesn’t mean they aren’t after you.” This statement accurately parallels the plight of those who take their online security seriously. Many of us concerned with cybersecurity use countless programs and plugins to thwart online tracking, which might seem paranoid to some. But we know the truth: online, they really are after you.

And who ‘they’ are almost doesn’t matter. They are the ones who want to track your every online move. They are the ones who want to know who you are, where you come from, and what you are doing so they can use that information. Sometimes, this info is just used to market to you, or anonymously track where you look on a website so the site’s design can be made more user friendly. By 2020, profits for data about you and your online activities are expected to reach an estimated $210 billion dollars – a compound annual growth rate of 11.9%. But unfortunately, all too often, this data is used by a more nefarious ‘they’ – the ‘they’ cybersecurity attempts to protect you against. The ‘they’ who will find a way into your network, so they can suck the sweet marrow inside, leaving you with just a brittle shell of your company.

How Do ‘They’ Find You?

Everyone knows about all the flavors of cookies that exist out there – regular cookies, evercookies, supercookies – each tracking something about your online activity. It’s even easier to know about cookies now that GDPR compliance is being enforced. But there are other ways you can be tracked online, ways that are often more difficult to detect and stop than cookies. We’re talking about browser fingerprinting.

Browser fingerprinting, in the TL;DR version, is the act of observing online patterns and deducing from where and whom the patterns were created. It’s easier to illustrate by example. Picture your morning. Most likely, you get up at the same time, head to work at the same time, go to work via the same route, work at the same location, eat lunch at the same time (often, at the same place), leave work at the same time, head home via the same return route, and go to bed at the same time. Lather. Rinse. Repeat. Quite quickly, a very distinct pattern (your pattern-of-life) develops – one which can be exploited to figure out things about you and, in many circumstances, to figure out exactly who you are.

Browser Fingerprinting
Daily online behaviors, systems can learn from online routines

Online, it’s the same thing. Whether you know it or not, you have patterns of online behavior – sites you frequent, time of day you check things, location when you are checking, connection type you use, and so much more. Once it’s analyzed, your online pattern of behavior can disclose quite a lot of information about you and, again, sometimes even exactly who you are. There’s only way to fully protect yourself. You must disappear.

Fognigma Defeats Browser Fingerprinting

Imagination time again. Now picture you go to work like normal, except this time instead of going from your home to your work, you appear suddenly at the Eiffel Tower and begin working from there. When it is time for lunch, you eat a delicious meal, but no one sees it happen. To observers, you never had lunch at all. And rather than anyone able to witness your traffic-filled commute home, you simply disappear from your table at Le Jules Verne as if you never had been there at all.

The point is: Fognigma obscures your actual location, movement, and intent. A Fognigma network is built from randomly leased components from cloud providers all over the world combined to form one network. You enter the network through an entry point which may or may not even be in your own country. Inside the network, your traffic might be routed through dissociating joints (depending on your deployment configuration) before leaving through an exit point possibly on a different continent. Anyone trying to trace your location will see you as existing wherever that exit point is.

leased cloud components
Randomly leased cloud components

And guess what? Your entry and exit points today might not be the same tomorrow – same with the entire configuration of your Fognigma network. Fognigma networks can easily be burned down and rebuilt (either with the same or different configuration) with just a few mouse clicks. The cloud components are wiped clean and returned to the cloud, only to be written over when next they are used. When you rebuild your network, you can choose new entry and exit points in different places. You can do this build/burn/rebuild at any time – even on a scheduled and automated basis.

Now, you no longer have an observable pattern. You might still go to the same sites around the same time, but you will appear to be doing it from different cities, countries, and/or continents. By constantly shifting your perceived location, your activity just becomes static in the soothing white noise of the Internet’s global Om. In short, you won’t even appear to be you.

Fognigma helps you thwart the ‘they’ who are after you, but you’re on your own with your paranoia.

Isometric business people talking conference meeting room. Team work process. Business management teamwork meeting and brainstorming. Vector illustration

Fognigma: Protecting from the Inside

The Threat is Inside the Building!

Often, Cybersecurity is thought of as a process of looking out to the world and searching, scanning, and bracing for what might be out there. It’s an ongoing process – a valiant mission – to plan for the worst. It’s a constant battle against external threats discovering things about you and using those discoverings against you. Unfortunately, if you are only looking for and protecting against external threats, you’re only doing part of your job. Cybersecurity should always be viewed as looking in two directions at once: external and internal. It is imperative you don’t ignore the possibility of internal threats.

Internal threats, of course, come from inside your organization. They are your employees, your coworkers, and sometimes even your friends. It is hard to imagine they would willingly do anything to betray your organization. But wait! Internal threats are not always the criminal, calculated schemes that feed our movies and television shows. Many times, internal breaches are due to a variety pack of non-nefarious reasons. Let’s explore more, shall we?

Non-Malicious Insider Threats

Quite often, the employees who become non-malicious insider threats (NMIT) don’t even know they are doing anything wrong. These are the people who check work email on public computers and then forget to log out of their applications. These are the employees who do work while at coffeeshops on unsecure networks. These are the ones forwarding work emails to their personal email addresses, so they can continue working from home.

checking email

Or perhaps the employees are, in fact, willfully doing something wrong, but they justify it as necessary to get their job done.  The Government Research Council (GRC) did a study on government employees’ use of approved mobile devices. The GRC found around one-third of respondents were using personal devices to do business work on. Of that third, 94% of DoD and military employees, and 64% of civilian employees, were using personal devices that had not been approved by their agency.

Better cybersecurity education can really go a long way to stopping many NMITs from forming in any organization. Employees should be taught not only what is acceptable and what isn’t, but also why certain online behaviors are dangerous. They should be taught how immense their impact is in the organization’s cyber security plan and how cyber security is a company-wide endeavor.

There is one other way to severely hamper both malicious and non-malicious insider threats, something Fognigma excels at: granular user controls.

Fognigma Networks Protect Against Insider Threats

Fognigma gifts network administrators with granular user controls. Quite simply, granular user controls allow the admin complete control over every little aspect of a user’s permissions inside a Fognigma-created Mission Partner Network (MPN). From which components to which files to which entry and exit points, admins will be able to make sure each user has access to only those things they need to access. This method of precise control is accomplished by creating groups.

Groups exist for each part of a Fognigma network. With just a few mouse clicks, users are added to very specific groups, which give them access to specific components, features, and even entry and exit points. And just as easy as they are added, users can be removed from groups.

We can explain this better by using an example. Our example company is called The Company and boasts 400 happy (and imaginary) employees. The Company has deployed Fognigma and is enjoying the protection and anonymity it provides. A new employee is hired: Jay. The Company’s HR team is on point and have already completed an IAM (Identity and Access Management)  assessment for Jay. As a new accountant, Jay needs access to certain things and shouldn’t see other things.

Admin Controls

The network admin who handles all permissions begins adding Jay to groups inside their MPN. He gets added to the company-wide telephony system group, the company-wide message server group, and the company-wide file share group. Jay is then added to the accounting fileshare group and accounting private channel on the company-wide message server group – each consisting of the CEO and the four-person accounting department. No other employees can access these groups, which thus limits the exposure of sensitive financial data to just 1.25% of the company.

Jay is not added, however, to the dev file share or the dev private messaging channel group (which Jay doesn’t even know exists). Jay doesn’t need access to any of the development team’s research or discussion. Not that he would (he’s a good dude), but this limited access prevents Jay from even contemplating leaking company development secrets – he just can’t get to them.

And here comes the really cool part. Imagine, after a few months, Jay realizes a new computer process would greatly help accounting with their accounts payable work flow. He mentions it to the CEO, who loves the idea. A new private messaging channel group is formed. Inside that group are Jay, the CFO, and two developers assigned to the task. No one else in the company can access this messaging group. Inside, these four employees can discuss and develop the new process.

Fognigma Networks

Three months later, the process is rolled out for the company to use. The accounting department is thrilled. The private messaging group is no longer needed, so is easily  deleted. And the rest of the company? Well, they didn’t need to know about any of this, so they didn’t. Everyone is containerized within their own little spheres, preventing each user from having too much access to what goes on inside the company.

This example serves to illustrate just a fraction of how Fognigma’s use of groups can limit user access and temptation. And by limiting access, Fognigma’s granular user controls prevent problems before they even can develop.

bigstock-Isometric-Cloud-Computing-Conc-243793318-Converted-01

How Fognigma Can Aid an Elderly Network Structure

An Elderly Network Structure is Rife with Vulnerabilities

Many times, there is an inherent problem with how government and/or larger/older agencies build their infrastructure. It makes sense how it happens, so it seems like it should be able to be prevented. But alas, normally budget and time prevent the proper formation and revision of infrastructure. What are we talking about here? In a word: Frankenstein’s monster.

Frankenstein’s monster, as everyone knows, was put together by using bits from various systems (a nicer way of saying body parts, which works better for this analogy). Attached as needed and jerry-rigged together, all the components eventually formed one functioning whole. In Frankenstein, the whole (monster) worked fine, but was rejected by society. That is, it worked but was quite vulnerable to outside threats. See where we going with that?

Frankenstein Parts
Parts form to create a network infrastructure

Unfortunately, the infrastructure of many larger and older agencies has also been put together as needed over time. Also, many times software applications are built or adapted to do one task in the organization, and it’s just easier and more cost effective to continue as per (business as) usual than migrate data into new programs and processes. The longer the agency exists, the more parts might get retrofitted together in a tenuous web that works . . . but just barely.

Frankenstein in Armor

Now, try to imagine fitting Frankenstein’s monster with a custom suit of armor. It might seem easy to surround the creature’s piecemeal form, but it won’t offer all the components perfect protection. Once an enemy knows how to penetrate your armor, the whole monster is going down. It’s the same with cybersecurity for our example agencies with antiquation issues. You might be able to get some form of network security around the network, but it really won’t completely protect the components.

That’s because each component has its own unique features (read: issues) and doesn’t always talk to other programs well.  We’ve all had that experience of saving a file from one program the only way possible and then having to do a bunch of leg work to import it into the program you actually use to analyze the data. Again, it works . . . but just barely. And if anything goes wrong along the way, the whole system falls apart.

data integration
Integrating data into various programs

So, what can the Fognigma enterprise software do to help? In short, it can make sure all your processes, software, and data (no matter how antiquated and/or unique) are protected from evildoers and available to your users.

Fognigma Surrounds Your Current Network with Encryption and Invisibility

The deployment option for Fognigma we’ll feature here is the Hybrid Deployment. This takes your existing network (which you already have working and running the software you need) and surrounds it in a cloaked shield of security. Your network will now be behind an ever changeable, always adapting, cloud-based network with two layers of AES-256 encryption between components.

What makes a Fognigma Mission Partner Network (MPN) different is that it’s built in parts across multiple cloud providers, with these parts working as one network. As a result, you have an invisible network built on public cloud infrastructure. A network you can manually or schedule-y burn down and rebuild whenever you want. You are replacing the armor around Frankenstein’s monster repeatedly in different configurations.

And don’t worry about the parts after burning. An MPN is made up of randomly leased pieces across multiple cloud networks. When you burn down your MPN, those fragments get wiped and returned to the pool to be used (and further overwritten) by some other project. When you rebuild your MPN, you’re using all new, randomly leased cloud bits. This is what makes your network invisible: the parts are random, and they change to other random parts. Interlocutors won’t even know to look for something to invade and exploit.

So, does Fognigma fix your antiquated process and/or software? Nope, only your agency can do that. What Fognigma can do is make sure the old vulnerabilities of your network are enveloped in a protective coating of encrypted, traceless, random goodness. To tie this back to our original example of Frankenstein’s monster… okay, so there really isn’t a way to tie it in. Frankenstein’s monster is never given the ability to blend into normal society and become invisible. But wait! Since this is fiction and we can set our own rules, Fognigma wrapping up your network is like Frankenstein’s monster wrapping himself in ever-changing armor and then draping all that in Harry Potter’s invisibility cloak (assuming it was long enough). Boom – puttin’ on the Ritz!

bigstock-Isometric-Cloud-Computing-Conc-243793318-Converted-01

Fognigma in the Intelligence Community

Fognigma Encrypts and Protects your Inter-Agency Collaboration & Intelligence Community

Fognigma is an enterprise software product perfectly suited to enhance and protect the information and communications of those in the Intelligence Community by creating Mission Partner Networks (MPN). Not only does Fognigma shroud comms in encryption and invisibility, but it also allows for secure inter-agency collaboration on whatever the mission entails.

Inter-Agency Collaboration
Inter-Agency Collaboration

Fognigma’s MPNs are built from randomly leased virtual machines which function as one unified network. Users from multiple agencies can quickly be added to this new network, making sure missions aren’t delayed. Inside the MPN, everyone can share and communicate, accomplishing mission objectives even faster. And then, when the mission is over, the MPN can be burned down as if it never existed.

Fognigma Protects Agents at Desks and in the Field

And it goes a bit beyond thinking of an intelligence community full of people in offices on desktop computers. Agents need to be able to go into the field and still access the MPN and be secure. Fognigma MPNs easily extend their encryption powers to mobile devices. And when an untrusted person needs to communicate securely with the team, an administrator can deploy a Portal Proxy (a secure, disposable way for a user to access an MPN without ever needing to know where that MPN is) in under a minute, and then delete it just as quickly when the untrusted person no longer needs access.

Encryption on Mobile Device
Encryption on mobile device

Now think about this statistic: according to a 2017 University of Phoenix survey, 51% of vacationers think their computers are just as secure on vacation as they are at home. Not saying your team members aren’t up-to-date on the limits of some forms of cybersecurity, but it’s still a chilling warning on how many view mobile cybersecurity. It especially applies to untrusted assets.

Use Case: A Mission Partner Network In Action

Let’s examine an example, because stories are fun:

A center like the CTIIC (Cyber Threat Information Integration Center), which we’ll call The Center, needs a multinational taskforce of agencies to investigate cyberthreats in Section 31. Three agencies are involved in this collaboration: one in the US, one in the UK, and one in Japan. Fognigma creates an MPN uniting these agencies, integrating a messaging server, a secure telephony system, and virtual desktops (VDIs) for every agent (including those in the field). With the MPN active, agents can collaborate on tracking down the nature of the cyberthreats.

MPN

On day thirteen, an employee of a small delivery company is convinced by an agent to provide information he has on the threats. We’ll call him Mr. Green. Using a Portal Proxy, Mr. Green is allowed very limited and controlled access to the MPN, so he can share his information. After the intel is recorded, the Portal Proxy is burned down and ceases to exist. At no time could Mr. Green access any information on the MPN not specifically shared with him.

intelligence community collaboration with mission partner networks
MPN Agency Collaboration

Mr. Green’s information is corroborated, warrants are issued, and arrests are made. The cyberthreat is no more. All three agencies celebrate in a secure chat, thank each other for their help, and log off of the MPN. The Administrator writes a few last notes in her report and, like the Portal Proxy used to talk to Mr. Green, burns the MPN to the ground. While it was in use, The Center’s MPN was never able to be seen, never able to be traced, and now that the operation is concluded, there’s not a shred of evidence it ever existed in the first place.

Mission accomplished.

In closing, we present the words of Paulo Shakarian (Entrepreneurial Professor at Arizona State University and CEO/Founder of CYR3CON), “You can have fantastic cybersecurity, but if you’re using IT systems to share information with a partner whose cybersecurity isn’t up to snuff, then your protection measures don’t mean very much.”1 Fognigma not only protects your agency’s comms and collaboration, but also protects and secures the work you do with other organizations through the encrypted and invisible wonder: the Mission-Partner Network.

 

1 Cameron, Dell. “Top Defense Contractor Left Sensitive Pentagon Files on Amazon Server With No Password,” Gizmodo. Gizmodo Media Group, 31 May 2017. Web. 15 March 2018.

Isometric personal data protection web banner concept. Cyber security and privacy. Traffic Encryption, VPN, Privacy Protection Antivirus. Vector illustration

Fognigma: In Brief

Fognigma Makes Your Communication and Collaboration Invisible

Fognigma is a super-secure communication tool that automatically builds and creates encrypted, cloaked networks (called Mission Partner Networks, or MPNs for short), which allow total protection and anonymity of communication traffic. Basically, with Fognigma, you can communicate with your team without any worry of leaks, hacks, or traces. Fognigma turns you into a communications ninja – strong, undetectable, and able to vanish in an instant.

Your Fognigma-created MPN is a randomly generated set of components which work together and are spread out across multiple clouds. No one can tell where your network exists, because it exists in parts in many places at once. And communication between parts is secured using two layers of AES-256 encryption.

Mission Partner Network
A Mission Partner Network created by Fognigma

At the heart of your network is the Wheel. The Wheel is the central hub where all your communication tools (telephony, voice and video conferencing, chat messaging, file transfer, remote workstations, etc.) live. The Administrator has complete control over which tools are available and to whom.

Data, Users, and Traffic are All Encrypted and Disassociated

Users securely connect to the Wheel by going through an entry point of your network and then through zero to three dissociating joints (depending on how you’ve built your MPN). Dissociating joints help to anonymize your connection and can be located in a different region or cloud. Upon exiting the Wheel, users again go through one or more dissociating joints (also, possibly in different regions or clouds). This makes discovering the actual location of the user impossible.

Encrypted Traffic
Encrypted Data, Traffic, & Users

Data, video, chat, files, speech, and any other information transmitted through a Fognigma-created network go through these same dissociating joints. And the entire network is protected by cascading AES-256 encryption between components.  Also, each Wheel is uniquely keyed, so even if someone could break the encryption of one Wheel, no other Wheels would be compromised.

Fognigma Creates Secure Networks in Mere Minutes

Administrators can use Fognigma to quickly launch a network within minutes. They can monitor use and manage assets, while letting the network handle its own maintenance. The MPN can also randomly move components across regions and clouds to avoid threats. And if you have a less-than-trustworthy contact that needs to be added, it can easily and safely be done (with restrictions on access, so as not to jeopardize your data, users, or network).

And just as fog can come and go in an instant, so can a Fognigma MPN. When it has overstayed its welcome (or as a routine cybersecurity program), an MPN can be completely burned to the ground as if it never existed at all. And no one can ever find what was never there!