Xcitium Exec: ‘Mom-And-Pop’ Ransomware Actors Are Going After SMBs
‘These mom-and-pop operations are not going to attack the Fortune 500 companies out there … it might happen to customers in [SMBs] and to midmarket customers. They are going to go after where they think they can be successful,’ says Douglas Bailey, Xcitium’s vice president of business development and global allliances.
Douglas Bailey knows cyberattacks are getting more sophisticated, but he’s more concerned about a new breed of bad actors specifically targeting small and midsize businesses. This is creating a new market for MSPs’ security offerings.
Xcitium’s executive vice president of business development and global alliances told an audience at CRN parent The Channel Company’s XChange August 2022 conference in Denver that businesses don’t have to accept attacks are a forgone conclusion to be dealt with after the damage is done.
“For the last eight or 10 years, we’ve been in this mode where we would try to detect [a ransomware or malware attack] before it’s successful,” Bailey said of the cybersecurity industry. “I’m here to tell you: We don’t need to tell our customers that they have to accept a breach. We can still protect our customers from ransomware. And malware—we don’t have to accept that.”
Bloomfield, N.J.-based Xcitium, formerly known as Comodo Security Solutions, is using artificial intelligence to isolate attempted attacks even as the ransomware and malware game changes almost daily. He said his company’s tools can be deployed by channel partners for smaller customers that are dealing with an increase in malicious hacker attacks.
Bailey said the professional hackers making headlines with high-profile attacks are overshadowing a new breed of bad actors. “These folks aren’t the professional ransomware actors that we’re used to,” he said, noting that more sophisticated ransomware operations can have a corporate structure, including human resources and marketing. “Now we have all these ‘mom-and-pop’ ransomware [actors] that are popping up.”
Those smaller operations are foiling behavior-based analytics used for threat detection and response, Bailey said. “And I think the most important thing for this group is that these mom-and-pop operations are not going to attack the Fortune 500 companies out there … it might happen to customers in [SMBs] and to midmarket customers,” Bailey said. “They are going to go after where they think they can be successful.”
By focusing on the “discrete first steps” that hackers take, Bailey said Xcitium is able to create a smokescreen of sorts. “We create a virtual container that looks like the API [that the attacker] is trying to access. This container is a façade … and we use that virtual container to shield the operating system. And we determine if it is malicious or not. And typically, that’s wiped out.“
Xcitium is committed to its focus on the channel, Bailey said. “We are focused on our partners,” he said. “The [MSP] channel is a major part of our business today and still is a major focus of this business. We know unless you’re successful … we won’t be successful. We’re covering the market and helping partners with a truly competitive differentiation.”
Gregory Hammerl, owner of Buffalo, N.Y.-based Network Services, said he was intrigued by Bailey’s presentation. “I’ve never heard of this company and one of the key reasons to be here [at XChange] is to discover new products that are out there and new technologies,” he said. “We haven’t had any customers attacked recently. But you know it’s out there and it’s a threat. So, I’m always looking for new products to help out with those potential threats.”