CREAPLUS offered an innovative security solution from UK-based Goldilock to remotely disconnect network connections in the event of a cyber incident and mitigate the risks associated with critical digital assets.
- The bulletproof level of security allows users to remotely physically disconnect their assets, either proactively or reactively.
- The patented IP-free signalling technology does not use the Internet, placing the command path beyond the reach of threat actors.
- The Goldilock Drawbridge Cyber Kill Switch keeps digital assets isolated and untouchable - in the event of an attack, it enables near-instantaneous physical disconnection to prevent data exfiltration and lateral movement of attackers or malware code.
- Goldilock Drawbridge can reduce the attack surface by up to 100%, providing the highest level of protection for sensitive data and systems.
- Easily suspend access to IT resources and assets when they are not in use - without shutting down servers and active network devices.
As cyber threats become more frequent and pervasive, the cyber security industry is looking for innovative solutions to mitigate and prevent risks in the event of cyber incidents. CREAPLUS has been offering Goldilock solutions for remote physical shutdown and disconnection of computer networks or network devices to organisations and cyber security solutions and managed service providers in the region. The Goldilock Drawbridge Cyber Kill Switch, a network security appliance whose development was co-funded by the UK Government's Defence and Security Accelerator, enables remote physical segmentation of digital assets and networks without the use of an internet through which cyber attacks are conducted.
"Goldilock Drawbridge works in much the same way as an operator manually disconnecting a network cable from a router, switch or endpoint computing device, except it is done remotely, without human presence, and as soon as an incident is detected," said Mitja Trampuž, CEO of CREAPLUS.
The device works by physically connecting or disconnecting network connections using electromechanical relays. A single Goldilock Drawbridge device can connect up to 12 connections at speeds of up to 10Gb/second per connection, and is also available in a four-connection micro-network version. Because it does not use the Internet Protocol for communication or control and management - neither IPv6, nor IPv4, nor VPN - attackers cannot intercept the data packets or the address of the device to discover and disable it on the network. This is because communication with the device is via SMS and multi-factor authentication, or via an embedded secure browser and out-of-band management separate from the primary IP network.
These devices are used in both the defence and civil/business sectors, for example to prevent access to business systems outside working hours, or to protect critical devices such as HSMs for the creation and management of digital certificates and data encryption. Goldilock's technology ensures that assets remain secure, invisible and inaccessible to adversaries, connecting to the Internet only when needed or physically isolated at a moment's notice.
As Trampuž pointed out, the Goldilock Drawbridge's use cases include protection against ransomware attacks, as it is possible to instantly terminate the spread of malicious code in the network by remotely physically unlocking IT resources. Similarly, it prevents malicious hackers from gaining access to critical networks and digital assets once external cyber defences have been successfully breached.
CREAPLUS, as a regional distributor for Goldilock solutions, is already establishing a network of partner companies that will handle the sales, installation and maintenance of Goldilock Drawbridge network protection appliances. Until the partner network is established, the devices and the supporting services can be purchased directly from CREAPLUS.