February 10, 2015
Virginia-based PFP Cybersecurity has developed a technology that may prevent future “zero-day” hacks from happening, such as the ones recently experienced by Sony, Target, JPMorgan Chase and Anthem. The technology reportedly detects hackers within milliseconds of an attack by identifying pattern changes in the power that devices use. PFP is currently testing the technology in South Carolina working together with the Department of Energy’s Savannah River National Laboratory.
“It takes an average of more than 200 days to discover a breach, according to Mandiant, a cyber-forensics company,” reports Bloomberg. PFP claims that its tech takes only milliseconds to identify and alert a human technician of an attack.
“First you establish a baseline pattern for a system as it operates normally,” Bloomberg explains. “Once the power signature for the device is recorded, PFP’s monitor can detect even the smallest change in that pattern.” The technology runs software that analyzes information picked up by sensors.
PFP Cybersecurity was founded under the lead of Jeffrey Reed, Carlos Aguayo Gonzalez and Steven Chen. Reed, a professor of electrical and computer engineering at Virginia Tech, developed the technology in 2006 with Gonzalez, who was a Ph.D. student of his at the time. Chen, who had formerly owned 3e Technologies International, joined the duo in 2010 to help launch the company.
Bloomberg informs that PFP has raised about $1 million from venture capitalist and has secured “contracts from the Army, Air Force, Department of Homeland Security, and DARPA.”
PFP’s technology has garnered positive results from its tests with the Savannah River National Laboratory. Bloomberg reports that “[it] showed that the technology was capable of detecting the Stuxnet virus, the program that attacked industrial control systems in Iran’s nuclear industry, even before it becomes active.”
PFP’s ability to detect attacks before they even happen is especially of interest to the Department of Energy, which focuses on the prevention of zero-day attacks.