info@blakfx.com   Wickr: BLAKFX
Slide1
Slide1
Slide1
Slide1
previous arrow
next arrow
BLAKFX: In Math We Trust – Helix22 End-to-End Post Quantum Encryption
BlakFXCybersecurityHackingNSAWork

SEC Charges SolarWinds CISO

Posted blog

In a surprising development that is spooking the cybersecurity community, the Securities and Exchange Commission (SEC) filed charges against SolarWinds and its Chief Information Security Officer (CISO), Timothy G. Brown, alleging that the software company misled investors about its cybersecurity practices and known risks.

The charges stem from alleged fraud and internal control failures related to known cybersecurity weaknesses that took place between the company’s October 2018 initial public offering (IPO) and its December 2020 revelation of a sophisticated cyberattack dubbed “SUNBURST.”

The software supply chain cyberattack involved Russia-linked threat actors breaching SolarWinds systems in 2019, or possibly even earlier. The hackers compromised the automated build environment for the company’s Orion monitoring software, and in the spring of 2020 they pushed out malicious Orion updates to SolarWinds customers.

According to the complaint filed by the SEC, Austin, Texas-based SolarWinds and Brown are accused of deceiving investors by overstating the company’s cybersecurity practices while understating or failing to disclose known risks. The SEC alleges that SolarWinds misled investors by disclosing only vague and hypothetical risks while internally acknowledging specific cybersecurity deficiencies and escalating threats.

A key piece of evidence cited in the complaint is a 2018 internal presentation prepared by a SolarWinds engineer that was shared internally, including with Brown. The presentation stated that SolarWinds’ remote access setup was “not very secure” and that exploiting the vulnerability could lead to “major reputation and financial loss” for the company. Similarly, presentations by Brown in 2018 and 2019 indicated concerns about the company’s cybersecurity posture.

The SEC’s complaint also points to internal communications among SolarWinds employees, including Brown, in 2019 and 2020, which raised questions about the company’s ability to protect its critical assets from cyberattacks. In June 2020, Brown expressed concerns that an attacker may use SolarWinds’ software in larger attacks, noting that “our backends are not that resilient.” Additionally, a September 2020 internal document shared with Brown and others stated that “the volume of security issues being identified over the last month have [sic] outstripped the capacity of Engineering teams to resolve.”

The SEC alleges that despite being aware of these cybersecurity risks and vulnerabilities, Brown failed to address them adequately within the company. As a result, the company was unable to provide reasonable assurances that its most valuable assets, including its flagship Orion product, were adequately protected.

SolarWinds’ incomplete disclosure about the SUNBURST attack in a December 14, 2020, Form 8-K filing resulted in a significant drop in the company’s stock price, falling approximately 25 percent over the next two days and approximately 35 percent by the end of the month.

Personal & Business Data Security is at the very heart of what we are striving to achieve at BLAKFX. We all know that data theft and cyberattacks are a tangible threat to all of our collective well-being. Business and government simply cannot operate nor thrive if the threat of theft or exposure is omnipresent.

The new era of data security is one that requires new solutions. The era of perimeter defenses is over as it is proving impossible to keep hackers from breaching the perimeter and accessing data. Further E2E encryption based on old models of RSA cryptography will be obsolete when quantum computing becomes mainstream.

Helix22 delivers perfect security assurance due to our genius engineering team that has invented a new model for data security that required an innovative look at the problem. The approach we took was to protect the data itself. Almost all other data security products try to build a perimeter or being fanatic on user credentials. However, once the product is breached or a password is stolen, even if it is 2FA or encrypted, your firms data is in the clear.

You see, the Helix22 cryptography is embedded with the data itself through our inventive and patented process of DNA BindingTM. Therefore, even if credentials are stolen the data cannot be exfiltrated. This means that all data is 100% protected regardless of the type of attack. This holds true for customer and user data as well. No theft of user information is possible.

 

              Our Motto

      “In Math We Trust”

D2D encryption

We can make this claim as the tech engineers at BLAKFX invented and patented a genuine device2device (D2D) encryption. We manage data security transmission through the truly brilliant and also patented universal Helix22 key service. The Helix22 encryption originates on your network or device, not just when the app is opened. This means, that when data arrives to our key server, it is already encrypted so all it needs to do is issue another key. Signal and Telegram cannot claim this level of security. This key will then only work with the intended device, which generates a matching key required to open the data. In this protocol, we are truly a “zero-knowledge” server so your communications and transmissions remain completely top secret. Even in the event that BLAKFX were subpoenaed, we can honor the request by just handing over the encrypted content…as that is literally all we have. Helix22 also only use keys just one-time and then destroys them. This way the data security is future forward prefect. Therefore, in our unique device-to-device (D2D) world, there is no opportunity at all for any data leak.

This same protocol just described, can be the same with all your 3rd party vendors and suppliers. It does not matter in the least what platform they are running or what device they are using or even the type of data, it is all 100% protected. We do however, strongly advise that all firms involved be utilizing Helix22 due to the nature of the data content. Helix22 can ensure that whatever data they are generating is protected as well.

Let’s take it a step further. Even if your organization were a victim of an internal attack or a victim of malicious open source downloads, there is no reason for concern. Any data that has been forwarded, downloaded, copied or saved cannot be exfiltrated. Period.  We have the technology industries foremost data packets which are protected with multi-layered, military grade encryption algorithms that have already proven the ability to withstand penetration testing from MI5 and quantum computing attacks.

One final practical genius of DNA BindingTM is in that it is immediately compatible with whichever system or software you are utilizing. Therefore, any organization can forward information to another and then discuss it and there is immediate privacy.

Helix22 is Quantum Immune – Start Your Integration on our Git

The Helix22 data security SDK accomplishes the following:

    • Protects all your firms data at rest, in use and in transit
    • Renders ransomware threats obsolete
    • Eliminates human error
    • Eliminates all malicious or interior attacks
    • Verifies original content i.e. minimizes the threat of impersonation attacks and deep fakes
    • Reduces latency and optimizes 5G networks
    • Installs with 5 lines of code
    • Runs on any platform, network, device and in any programming language
    • Provides perfect future/forward secrecy
    • Delivers “zero-knowledge” encryption
    • Compatible with all cloud, 3rd party and vendor services
    • Enables Internet of Things data security by providing protection at the Edge and has ultra low latency
    • Ensures privacy and security for blockchain and all cryptocurrency transactions
    • Is quantum ready – so there’s no need to upgrade when the time comes
    • Requires no employee training
    • Exceeds all gov’t and banking security standards
    • Meets all international compliance regulations

BLAKFX is Based on Success

Our founders, Robert Statica PhD and Kara Coppa, also founded Wickr, which is used by the US military and has never been hacked since its inception in 2012. The Helix22 data security SDK is several generations enhanced since then. Dr. Statica also delivered the encryption for the world’s most secure phone, Katim.

                                                                                         

Founder – Robert Statica PhD            Founder – Kara Coppa   

 

                               

Co-Founders of Wickr                    KatimTM Ultra Secure Smartphone

 

Finally, the Helix22 encryption is quantum computing ready so no need to redo all your data security methodologies in a couple of years when everything else becomes obsolete.

We like to refer to Helix22 as “22nd Century Data Security.”

The wrold's foremost B2B and B2G data security product.

Helix22 – Zero Risk