We designed, developed and patented an embedded device, (deception platform), which detects an unauthorized connection/cyber attack or malicious activity utilizing legitimate communications, extracts the communications' payload out of the active process buffers (memory/sockets), converts the payload to a benign hexadecimal (harmless) format, then transmits the cyber data to a defined (customer) device at the time the cyber attack/malicious activity BEGINS.
Cyber Detection Services Inc.
Edit to add your HTML.
The CDS Threat Feed is a 24x7/365 threat intelligence service, which instantly detects, captures the payload and transmits all cyber attacks targeting the CDS data center. The CDS data center is 100% comprised of embedded devices, which many more can be added at any time. Each embedded device deployed throughout the CDS data center emulates a SINGLE PUBLIC SUBNET, along with traditional servers (FTP server, Telnet Server, Database (SQL) server(s), Email server, Terminal server, Virtual server (hosting) with various adapters, Telecommunications server, Video gaming, Network Plug-n-Play, Network Device Management, etc), a proprietary method (CDS Process Emulators) of detecting attacks against port 80/81/8080/8081-HTTP (www) and port 443/8082-HTTPS/SSL (secure www), Industrial Control Systems (ICS), Automated Teller Machines (ATMs), Point-of-Sale (PoS) devices and Internet of Things (IoT) devices. All embedded devices are comprised of IP addresses that span the continental United States (and minor parts of Canada and Mexico).
All embedded devices with the CDS data center utilize our patent pending TCP and UDP process emulators, which can be instantly started and assigned to any port, in order to emulate any specific type cloud instance, server, desktop, ISC, PoS or IoT network operating environment. At this time our embedded devices emulate about 70 different cloud/virtual/traditional servers, ICS, ATM, PoS and IoT operating environments, which (again) can be easily expanded via our proprietary CDS embedded remote management system at any time.
Customers of the CDS Threat Feed install our proprietary Cyber Instant Messenger (IM), which can be assigned to any unused port. The Cyber IM utilizes the NIAP/NIST certified encryption DLLs within the Microsoft Operating System (O/S). The Cyber IM is designed with an embedded encryption key, password, a proprietary "hand shake" and the most important, which is the binary serialization of data within the IM message streams.
Simply stated, if the NIAP/NIST encryption DLLs were removed, along with removing the encryption key, password and the proprietary "hand shake", the hacker would need to decipher the binary serialization of the data streams in order to successfully connect and receive/transmit data.
Good luck with that effort... Considering that we continuously change all encryption parameters, the binary serialization key(s) and the port assignments.
CDS is continuously adding new embedded devices to cover specific regions throughout the country.
In the screen shot of the CDS Cyber IM below, the CDS data center is being targeted by an IP address registered to Data Shack United States (22.214.171.124). The Data Shack IP address is attempting to login to our data center (passive intelligence gathering) via Microsoft Terminal Services (port 3389), to gain unauthorized access and leave no physical trace of a successful hack (cyber attack). The next IP address is registered to China (126.96.36.199), and is targeting port 23-Telnet attempting to gain access to any device that will respond via port 23-Telnet (Internet of Things-IoT) and/or Industrial Control Systems (ICS).
As of the day this webpage is published, (September20, 2018), the SANS Internet Storm Center (ISC) has no record of the Data Shack IP address (188.8.131.52) attempting any malicious activity. This is because this particular site is utilizing legitimate communications in an attempt to successfully target and hack our CDS data center. Again, as of the day this webpage is published, (September 20, 2018), this particular attack has successfully bypassed millions of sensors associated with the SANS ISC.
As of the day this webpage is published (September 20, 2018), The SANS Internet Storm Center (ISC) has only recorded 1 malicious report on the Chinese IP address (184.108.40.206) attempting to gain access to IoT devices via port 23-Telnet. This means that this particular attack has also successfully bypassed millions of sensors associated with the SANS ISC.
Please contact CDS for a free 7 day evaluation of our Threat Feed Service.
Next "Wave" in Technology - Post Cloud Computing - IoT intelligent devices that can reside on "The Edge" of networks, which can also seamlessly integrate into existing cloud and traditional networks.