2 min Security

Check Point acquires IoT security specialist Cymplify

Check Point acquires IoT security specialist Cymplify

Security company Check Point Software Technologies has acquired Cymplify for an unknown amount. Cymplify is a company that specialises in security for the Internet of Things (IoT).

Cymplify is developing a firmware analysis engine for IoT security that provides highly detailed cybersecurity posture reports. The company also offers an on-device software security hardening module for IoT security.

Although it has not been announced how much Check Point has deposited for the company, an insider from CTech states that it is 5 million dollars (4.54 million euros).

Removing a blind spot

In a statement, Check Point emphasises the importance of Cymplify’s technology. According to the company, the rise of IoT has created a blind spot within security. This is where cybercriminals use fifth and sixth generation cyber-attacks to invade devices, manipulate their operations or take over critical infrastructure.

Cymplify’s technology makes it possible to quickly strengthen and protect an IoT device against zero-day attacks, according to Check Point. This technology will be integrated into Check Point’s Infinity architecture after the acquisition.

With the renewed offering, Check Point should be able to help customers reduce IoT risks and repel IoT-related attacks without disrupting critical operations.

Growing market for IoT attacks

Trend Micro research in September showed that the market for attacks on IoT devices is growing. Before that, the company analysed Russian, Portuguese, English, Arabic and Spanish forums on black markets.

In these forums, criminals were even found discussing how to use industrial devices for their attacks, in particular programmable logic controllers (PLCs) that are used to control large production equipment.

According to Trend Micro, cybercriminals are probably planning to steal money from victims by launching digital extortion attacks on industrial devices. In addition, the attackers are threatening to cause downtime in production.