My Startup: Barac
Barac solves an unaddressed area of cybersecurity - how to detect and stop malware that’s hidden inside encrypted internet traffic.
Omar Yaacoubi set up Barac in 2017 alongside his business partner Mahdi Ben Hamden (now COO). Headquartered in Shoreditch, it already has other offices in France, the US and Omar’s native Tunisia, with a total staff of 29.
PwC estimates that 60% of malware will be encrypted this year, making it a hacker’s attack vector of choice.
Omar and his team have developed a way to scan encrypted traffic without the need for decryption. By looking at the traffic’s metadata rather than the actual data itself, their platform can scan for malware in real time without breaching compliance rules.
Founders: Omar Yaacoubi
We spoke to Omar to find out more...
Why did you start Barac?
Having worked with Big Data and Artificial Intelligence (AI) in anti-fraud and cybersecurity solutions for over a decade, where I helped organisations collect huge volumes of data to analyse for signs of attacks or fraud, I noticed a growing threat: encrypted malware.
Encryption – the process of encoding information so that only certain parties have access to it – was growing quickly (encrypted data represented 70% of all traffic in 2018, which is expected to rise to 83% by 2020), thanks in part to new compliance regulations such as GDPR.
Ironically, encryption was also giving cyber hackers a new way to attack organisations. By encrypting their malware – intentionally designed malicious software used in cyberattacks – they could hide malicious code amongst regular encrypted network traffic and breach organisations that way. This is a growing problem, and PwC estimates that 60% of malware will be encrypted by the end of this year.
Existing solutions on the market were unable to detect this new type of threat effectively, so I set up Barac to develop a new type of solution that uses AI and behavioural analytics to spot and stop this new form of cyberattack.
Tell us more about the product - what makes Barac different?
Barac’s solution to encrypted malware is our Encrypted Traffic Visibility (ETV) platform.
Other security vendors offer the ability to see inside encrypted traffic by decrypting the data – this means they decrypt the data so they can look through it and block the bad data, then re-encrypt and forward the good data to its intended destination. Not only does this put significant stress on the network as there is a lot of data to process, but it could also be putting enterprises in breach of regulations such as GDPR. This is because when the data is decrypted, the information – including sensitive information such as names, addresses, bank details – could be visible to all.
Barac has developed a unique solution which uses AI and machine learning to spot this malware, without the need for decryption.
Our ETV platform inspects encrypted traffic by analysing its metadata – the data surrounding the main traffic data – to spot anomalies within encrypted communications. This new technology allows us to spot any bad data, without looking inside the traffic and seeing any sensitive information, and stop it before it reaches its end destination. It does this by learning what is ‘good’ and what is ‘bad’ data.
Not only does this mean that organisations can protect themselves from this new type of attack, but they also aren’t putting themselves in breach of compliance regulations as the information is never decrypted.
Where’s the business at right now?
Barac already has a number of large enterprise customers and proof-of-concepts underway. Our customers currently include major banks, tier-one telecoms operators, plus critical infrastructure providers operating across Europe. The ETV is also deployed by UK Government departments.
In late 2018, Barac was selected to join GCHQ’s prestigious Cyber Accelerator programme. The programme, run by GCHQ’s National Cyber Security Centre, provides support to companies that GCHQ considers groundbreaking in improving the UK’s cybersecurity.
We are also expanding into different countries and locations, using partners worldwide, and most recently opened an office in Boston in the US.
What are your aims for the next year?
Growth, growth and growth.
Barac has aggressive plans for growth and we have been ramping up sales and marketing activities since the beginning of 2019.
Target verticals will continue to include finance, telco, utilities and public sector, which are most exposed to the threat of encrypted malware.
What’s been the hardest thing about getting Barac off the ground?
Creating an entirely new approach to cybersecurity that helps organisations tackle one of the hardest problems in security has not been easy!
Some of the hurdles we faced were convincing users that our new approach can yield fantastic results with high accuracy and reduced false positives; finding the right people to develop the platform; and integrating with other solutions.
Why should more people be using or investing in Barac?
Barac’s ETV solution is unique in the cybersecurity market. We have no direct competitors who can achieve the same results as our technology, which delivers clear benefits to our customers.
Firstly, they are able to more accurately protect their systems by having visibility into encrypted traffic to protect against hidden malware in real-time, with high accuracy, but without decryption. Barac’s ETV platform overcomes the organisational, technical and budgetary challenges of relying on decrypting and re-encrypting traffic in order to identify and stop threats.
Furthermore, network speed or user experience isn’t negatively affected, customers have no need to invest in additional hardware and there are none of the privacy issues that come with organisations decrypting employee communications.
Secondly, Barac offers its customers compliance with privacy regulations, because the data on the corporate network is not being decrypted into cleartext at any point, so no sensitive data such as PII, PHI or PCI information is exposed by the inspection process.
How much will it cost customers, and why is it worth it?
The ETV platform is offered to customers either as an on-premise or Software as a Service solution and is available on a subscription model, helping avoid one-off CAPEX charges and making the service more affordable. This also makes the service highly scalable, with customers able to add on virtual machines if they have more encrypted traffic to scan as they grow.
In addition to scanning network traffic, the subscription includes all service updates; troubleshooting and correction of any operational problems; updates and configurations management.
Other security vendors who attempt to protect against encrypted malware through decryption put significant computing stress on the network, resulting in legitimate traffic being dropped.
Barac’s approach to inspecting encrypted traffic by analysing metadata through AI achieves 99.997% accuracy in its detection of malicious activity with no slow-down or dropped traffic.