PSSC Labs, a developer of custom high-performance computing and Big Data computing solutions, has announced that it was selected by CyberSecurity Malaysia (CSM) to help facilitate, manage, securely store and access massive amounts of cyber forensic data by building a custom turn-key cluster server.
CyberSecurity Malaysia is the national cybersecurity specialist agency under the Ministry of Science, Technology and Innovation (MOSTI). The role of CSM is to provide specialised cybersecurity services that contribute towards a bigger national objective of preventing or minimising disruptions to critical information infrastructure in order to protect the public, the economy and government services.
CSM receives about 10,000 security incident reports each year. Recently, CSM has seen a growing number of cyber-incidents with fraud topping the list followed by intrusion, malicious codes and cyber-harassment. As of October 2017, CSM received 3,240 reported incidents on fraud; 1,781 on intrusion; 694 on malicious codes and 499 on cyber-harassment.The tightly integrated CloudOOP Rax solution provides superior performance and enables a single view of diverse streams of security data
Rapid threat detection and response
To facilitate, manage, securely store and access massive amounts of cyber-forensic data, CSM required an infrastructure upgrade. CSM security experts embarked on a worldwide hunt for a vendor partner and selected PSSC Labs to custom build a turn-key cluster server that could be delivered to Malaysia.
With over 25 years of experience providing the most cutting edge HPC and Big Data computing solutions to customers including the US Army, NASA and other major US research universities such as Harvard, PSSC Labs had the precise expertise that CSM was looking for.
PSSC Labs engineers custom-built a CloudOOP Rax Cluster server solution to meet CSM’s requirements of a powerful ready-to-deploy system that would not be an energy drain.
The tightly integrated CloudOOP Rax solution provides superior performance with a framework that enables a single view of diverse streams of security data, allowing CSM to rapidly detect and respond to emerging threats.The PSSC Labs system will act as the platform for data processing and analytics as well as visualisation
Efficient analytics with Apache Metron
The complete system included ten PSSC Labs CloudOOP 12000 Data Nodes and three CloudSeek Name Nodes. All the necessary rack, 10GigE network switch and power connections were preconfigured and included. They also installed Hortonworks HDP Data Platform and Apache Metron which were preconfigured for the CSM team.
Apache Metron is a streaming analytics application that makes it faster and easier for security operations personnel to do their job. It is a next generation SOC (security operations center) data analytics and response application that integrates a variety of open source big data technologies into a centralised tool for security monitoring and analysis. Total storage capacity of the system is 150 terabytes.
By using PSSC Labs hardware and system, CSM hopes to have high processing performance for central analysis in analysing multiple incident images. CSM will also utilise the hardware to analyse and visualise large amounts of data for malware analytics where the size of data can be as big as 100gb/year and increasing, said CyberSecurity Malaysia’s Chief Technology Officer, Dr. Solahuddin Shamsuddin. “The PSSC Labs system will act as the platform for data processing and analytics as well as visualisation. The visualisation will be fed to stakeholders with dashboard access.”Artificial intelligence enables a ‘proactive defence’
AI-powered cyberattack prediction
To ensure the installation was flawless, CSM organised a Strategic Training and Working Visit to PSSC Labs in the fall of 2017. The participants were from the Digital Forensic Department in CyberSecurity Malaysia. They were trained on Big Data platform and technology by PSSC Labs engineers.
The PSSC Labs platform will also provide sufficient resources for CSM to incorporate AI into its offerings. Artificial intelligence will enable CSM to predict cyberattacks before they happen by detecting changes or anomalies. The country has a shortage of skilled cybersecurity professionals, and AI will act as a ‘force multiplier’ to enable fewer analysts to identify, thwart and counter a far greater number of attacks.
It will also provide analysts with ‘situational awareness’ by identifying and classifying any backend limitations a system may have. Artificial intelligence enables a ‘proactive defence’, constantly monitoring for vulnerabilities that could be exploited for malicious purposes.