Top critical information infrastructure pain points and how to tackle them

The isolation of CII entities from each other inhibits efficient intelligence sharing

The protection of critical information infrastructure (CII) is paramount for nations worldwide. The challenges faced by the industry demand innovative and comprehensive solutions. Roger Wang, Chief Information Security Officer and Co-founder of Anxinsec, shared with us the pain points of the industry and how Anxinsec is pioneering CII protection.

Pain points in CII protection

The existing defence systems excel in addressing known threats but struggle against the evolving landscape of unknown threats. Roger identifies this as a critical pain point, emphasising the need for a more adaptive and proactive defence mechanism. Furthermore, the industry’s heavy reliance on third-party threat intelligence leads to issues of incompleteness, delays, and inaccuracies. The isolation of CII entities from each other inhibits efficient intelligence sharing, resulting in a potential loss of crucial time during cyber incidents.

Anxinsec’s contribution to CII protection

Anxinsec has developed a robust National Cyber Threat Analysis and Counter System (NCTACS) composed of five major subsystems.

  • CITC – Cyber Threat Intelligence Centre: Gathers global cyber intelligence, providing entities with a comprehensive understanding of vulnerabilities, malware, and APTs for more effective defence.
  • CTDR – Cyber Threat Detection and Response: A situation awareness system that monitors critical systems, leveraging intelligence for effective detection and response, closing the gap on cyber threats.
  • AMDA – Advanced Malware Detection and Analysis: Specifically designed for advanced malware, AMDA is open to critical systems and security engineers, facilitating behaviour analysis and intelligence enrichment.
  • CAS – Counter Attack System: An advanced system for weaponisation, attack simulation, and launching cyber-attacks during drills or wartime. CAS enables the creation of weapons from intelligence gathered and experienced attacks.
  • SEH – Secure Exchange Hub: Facilitates secure information exchange between entities, ensuring the classified governance of data within NCTACS.

Why Anxinsec?

Anxinsec distinguishes itself through a combination of technologies and expertise in the realm of cybersecurity. Its Memory Protection Technology stands as a robust defence against modern cyber threats, particularly fileless attacks. With advanced threat expertise, the company excels in handling intricate cybersecurity issues, deploying kernel-level security technology to effectively combat binary attacks.

Anxinsec leverages the power of artificial intelligence in cybersecurity, not only enhancing its internal capabilities but also extending security services to customers integrating AI into their technologies. The company’s security service team brings a wealth of experience from participating in National Red Team/Blue Team Exercises, contributing to incident response proficiency and raising the protection bar for Critical Information Infrastructure (CII) entities. Moreover, Anxinsec’s extensive dedication to researching hacking techniques ensures a proactive and up-to-date approach, reinforcing its position as a key player in safeguarding against cyber threats.

Anxinsec in practice

The construction of NCTACS began in 2021, aiming to address industry challenges. After two years of development, the system currently covers 80+ CII entities, detecting 5,000 targeted attacks daily and thwarting 20+ APT attacks since H2 2022. A recent example involves an APT group from South Asia attempting phishing attacks on CII entities in electricity, finance, transportation, and manufacturing. NCTACS successfully detected and prevented these attacks through its joint-prevention mechanism.