Palantir Cyber Software:
Future Of Cyber Security:
Palantir IL6 Advantage:
Palantir Cyber Software:
Palantir is a software company that provides an operating system for organisations, with the aim of letting them make full use of their data. Unlike Snowflake or AWS, Palantir does not offer individual one-off tools; instead it offers an operating system containing 400 different tools, features and custom applications.
Because Palantir is a leading software company in the data sphere, the organisation has recently come under major attack by the Russian state in an attempt to dismantle Palantir’s software solution. The most recent publicly known attack forced Palantir to move their security solutions to the UK, away from the US, after learning of threats of Russian attacks on cables under the Atlantic Ocean.
Whilst it can be stated that Palantir is not specifically a Cyber-Security company, the software does provide solutions within this field. Palantir Cyber can be described as an End-To-End Cyber Intelligence Platform For Analysis and Knowledge Management.
Palantir stated recently:
“Traditional perimeter defense solutions fail against sophisticated adversaries who target their victims with complex, adaptive methods. Palantir provides a knowledge management and analysis platform for institutions seeking to understand the nature of cyber threats. Using Palantir, organizations can harden their network defense postures against threats emanating from both external and internal sources.”
At the foundation of Palantir Cyber are three unique capabilities that enable analysts to investigate the origins and features of cyber attacks and devise highly tailored responses. With Palantir Cyber, enterprises move beyond using simple black-box, automated detection systems. Palantir allows organizations to diagnose attacks and take pre-emptive action against future cyber threats.
Interestingly, Palantir works with Merck, which experienced a major attack on its organisation a few years ago. Unfortunately, there have been ample examples of Russian attacks on the West. For example, the NotPetya attack by Russia on Ukraine hit any business that had any relations with Ukraine. NotPetya infected the computer systems of Mondelez, disrupting the company’s email systems, file access, and logistics for weeks. This attack also paralysed Merck and its factories. Merck is an American multi-national pharmaceutical company located in New Jersey. Merck had to tap into emergency supplies of vaccines from the CDC, because its vaccine line was ruined by cyber-attacks.
In addition, Palantir has stated in a recent Industry 4.0 whitepaper that, of the 9 pillars for Palantir Foundry, one vital pillar is Cyber Security capabilities.
“It’s no surprise that Industry 4.0 boosts increased connectivity and the use of standard communications protocols. As a result, the need to protect critical industrial systems and manufacturing lines from cybersecurity threats rises dramatically. For this reason, secure, reliable communications, together with asset & vulnerability management for machines and identity verification of users,
Using Palantir’s Hercules technology, enterprises build and iterate on strategic algorithms to comb through data archives and detect anomalies by creating clusters that reveal previously unknown entities, events, and connections. The resulting clusters are ranked by relevance and presented to the user along with other visualizations such as risk scores, pie charts, and heat maps. An analyst can triage these clusters and then drill down on a particular anomaly and investigate it further, continually modifying the algorithm as new information emerges.
Recognizing that commercial institutions face a shared set of cyber threats, we created the Cyber Mesh, a platform for secure information sharing among peers. Drawing on successful models within the defense and intelligence communities, the Cyber Mesh enables secure peer-to-peer sharing between enterprises with automatic redaction of sensitive data. A centrally hosted Palantir instance provides out-of-the-box cyber intelligence feeds, rolled up from suspicious activity patterns, third-party open source and licensed data feeds, and contextual data feeds. By letting organizations leverage the subject matter expertise of Palantir engineers and insights from peer institutions, the Mesh provides immense analytic value over automated black box solutions.
Future Of Cyber Security:
Nicole Perlroth, a cyber-security lead, stated recently in an exclusive interview with Lex Fridman that we are entering a dangerous period of cyber-crime and digital attacks by nation states.
Nicole Perlroth is an award-winning cyber-security journalist for The New York Times, and her work has been featured in films and television. Nicole is also a regular lecturer at the Stanford School of Business.
The under-reported story of Colonial Pipeline could have been disastrous for the US and global economy, said Nicole. She stated that, after the company was hit and forced to freeze operations, leaked documents showed that the US as a country could have afforded only 2-3 days of the pipeline being down. Any more downtime, said Nicole, would have majorly disrupted global prices for oil and gasoline.
Unfortunately, there have been ample examples of Russian attacks on the West. For example, the NotPetya attack by Russia on Ukraine hit any business that had any relations with Ukraine. NotPetya infected the computer systems of Mondelez, disrupting the company’s email systems, file access, and logistics for weeks. This attack, said Nicole, paralysed Merck and its factories. Merck is an American multi-national pharmaceutical company located in New Jersey. Nicole mentions how Merck had to tap into emergency supplies of vaccines from the CDC, because its vaccine line was ruined by cyber-attacks.
Nicole stated that any geopolitical conflict from now on is guaranteed to have some cyber element to it. She went on to say that the DOJ in the US recently released a report showing that China had been hacking into US pipelines, not for intellectual property threats, but to get a foothold if things escalate in Taiwan. Any time Nicole reads a report regarding physical aggression in war, she looks at it through a cyber lens.
There is no way that these nation states will NOT use cybercrime to get a foothold, she proclaimed.
Nicole believes that US adversaries have learned that they will never be as dominant in physical warfare. Cyberspace, however, is where the West has a weak point.
80% of software is owned and operated by the private sector, she said. For the most part, there is no requirement for companies to tell the government that they have been hit by a cyber-attack, and nothing mandating a bare minimum standard of cyber security. This indicates the utter weakness of the West.
Even when there are attacks, most of the time we do not know about it, Nicole said.
In the last year, there were a record number of zero-day attacks.
“Zero-day” is a broad term that describes recently discovered security vulnerabilities that hackers can use to attack systems. The term “zero-day” refers to the fact that the vendor or developer has only just learned of the flaw – which means they have “zero days” to fix it. A zero-day attack takes place when hackers exploit the flaw before developers have a chance to address it.
Given the geopolitical hot points present in the world today, nations have been investing in cyber tools more aggressively.
The major concern with cyber-crime is that there is a low barrier to entry for cyber war. “All you need is a laptop and the skills”, said Nicole.
A simplification of the main points Nicole mentioned within a recent exclusive podcast:
- We have stumbled into a new era of digital damage.
- Often with cyber, what we are seeing are attacks just shy of war: the question is what happens when these attacks become more predominant and longer.
- Colonial Pipeline: took down the biggest facility. This was because the company forgot to deactivate an old employee's account, and there was no two-factor authentication. This shows the inherent weakness of systems in the West.
Examples Of Russian Attacks:
Russia holds an array of tools for actions in cyberspace, which are both information-technical and information-psychological and involve state actors as well as proxies. Interestingly, according to NATO, Russia attempts to achieve cognitive effects when conducting cyber operations. Russian forces have been in combat with Ukrainian soldiers since 2013, and unfortunately Ukraine has become a testing field for Russian cyber-attacks. For example, in 2014, Ukrainian telephone providers claimed that Russian troops in Crimea had tampered with critical fibre cables and had severed the connection between the peninsula and the mainland.
The cell phones of Ukrainian parliament members were interfered with, and the Ukrainian government website was knocked offline. On March 8, DDoS attacks hit the National Security and Defence Council of Ukraine and the Ukrainian state-run news agency Ukrinform. On March 16, the day of the referendum for Crimea’s annexation, NATO websites were attacked by the GRU-linked hacktivist group ‘CyberBerkut’.
A significant example which combined technical and psychological means of ‘information confrontation’ was the targeting of Ukraine’s presidential election in May 2014. Three days before the presidential election in May 2014, an attack was launched on the Central Electoral Committee’s (CEC) network. The attack disabled real-time display of vote count, and culminated with attackers posting a statement on the CEC website claiming a presidential election win for a far-right candidate.
Palantir IL6 Advantage:
Palantir has been involved in high-level informational tasks within governmental organisations for years. This includes the recognition of IL6 status, which refers to Palantir’s ability to accommodate DoD classified information up to SECRET status.
Whilst there has been no official confirmation from Palantir that this status has been achieved, there is reason to assume that Palantir has gained or will gain this recognition in the near future.
Furthermore, this points to the safety and utility of Palantir and its software solution.