August 29, 2023 By Mark Stone 4 min read

The security industry has always dreamed about an impenetrable internet where threats are neutralized and attackers cannot thrive. Many have tried to conceptualize this theory into reality, but for the time being, it remains a dream.

But one company, Dark Cryptonite, has already created this infrastructure.

If you’re still dreaming of a world where the internet is inherently secure, keep dreaming. That probably won’t come to fruition in our lifetime. But what if the internet as we know it can co-exist with an alternate internet? What would the impact be on business and the cybersecurity industry?

For one, the security industry would have to think differently about the tools and solutions we use. If this secure network infrastructure gained widespread adoption, everyone would need to find a way to balance it with today’s internet and continue to leverage current security solutions.

How would this all work?

Reengineering the cybersecurity framework

Dark Cryptonite’s co-founder, Tyler Cohen Wood, has extensive experience in special comms from her tenure with the Defense Intelligence Agency. In the context of cyber defense, “special comms” or “special communications” refer to secure, encrypted or otherwise protected communication channels that transmit sensitive information. Broadly speaking, special comms can also refer to any non-standard communication methods used for specific purposes or in specific situations. In a military context, special comms could refer to covert communication methods used for espionage or reconnaissance.

Throughout her time there, Wood realized that traditional methods of defense were increasingly inadequate as attackers continued to target the essential infrastructure of digital connectivity. According to Wood, the solutions that were once effective have now become part of the problem.

“Working with special comms… is a really out-of-the-box way of thinking,” she said. “You’re not using traditional channels, so you’re kind of hidden in the noise, off the grid. I started looking at the problem because I’ve been doing this for a long time, and I realized a few things.”

As the pandemic began, Wood concluded that cybersecurity awareness training was no longer enough. She referred to a report that in 2023, cyber vulnerabilities skyrocketed 589%, underscoring the crucial importance of cybersecurity.

“I started studying the bad guys because I wanted to see why they were winning, and I realized they were actually using special comms,” she said. “So it made perfect sense that was what the good guys had to do, too, because you look at those statistics, and we’re not winning, we’re losing.”

Embracing a new security paradigm

Of course, not all traffic has to be so secure that it has to be off the grid. “But for the things that do have to be completely secured where you cannot have them hacked, you would utilize a technology like Dark Cryptonite,” Wood said. “It gives you that protection, and it’s so obfuscated and goes through so many layers of encryption. And then when you consider that it’s an off-the-grid network, it completely changes the playing field.”

Because at the end of the day, if you have an IP address, they know where you live. If you don’t, they don’t know where you live. “If you have a system that can change its mode of entry on the fly, it can change what it’s connecting to,” Wood explained — such as when the infrastructure uses hashes instead of IP addresses. “It just changes everything.”

Dark Cryptonite is a paradigm shift from the traditional approach to cybersecurity. It doesn’t just add another layer of defense; it shifts the battlefield from where attacks are most potent. This solution operates “off the grid”, providing a secure and private environment for organizations to carry out their digital activities. Unlike conventional solutions that offer more traps or hurdles for threat actors to overcome, Dark Cryptonite essentially takes away the road, making it not just resistant to typical modes of cyberattacks but virtually invisible to them.

Wood envisions the internet as a series of train tracks and malicious programs as the trains. “These malicious programs need a particular infrastructure to operate and propagate,” she said. “Our infrastructure effectively eliminates these tracks, leaving no path for the malicious train to follow. This way, it sidesteps the entire concept of creating more barriers, which attackers invariably find ways around, and instead removes the ground they tread on.”

Integrating secure and traditional infrastructures

Despite its fundamentally different approach, the Dark Cryptonite infrastructure is designed to work effectively within an organization’s existing technology assets. Wood and her engineering team have ensured the solution incorporates a zero trust capability by design. Its Infrastructure as a Service (IaaS) is also in compliance with every standard and regulation.

Wood explained that within the secure environment, organizations cannot remove or copy files or take them home on a laptop, for instance. “Again, not all traffic has to be super secure,” she said. “Your crown jewels do, as do communications between the executive leadership and the board. But not all data needs to be secured at that level.”

Of course, organizations leveraging the infrastructure will still have (and need) endpoint management and firewalls because not all traffic and not all work needs to be at this super secure level. Examples of other crown jewels include backups, intellectual property or mergers and acquisition data. “That information has to remain private and not hackable,” Wood said.

So why has no one thought of this before? Many have pondered the concept of a separate, secure “internet”. But turning these ideas into tangible, workable solutions is a significant challenge.

“It’s the execution that has made the difference,” she said. “We have to really shift that mindset that there’s another way of doing things. And I think about the potential to change our economy. Because if companies are not always under threat of being hacked, they don’t have to have ransomware payments laying around, and a lot more money goes into what that company actually does, right?”

Does all this version of two internets living as codependents sound too good to be true? Time will tell, but a solution like this, at the very least, provides a glimmer of hope.

More from Risk Management

Crisis communication: What NOT to do

4 min read - Read the 1st blog in this series, Cybersecurity crisis communication: What to doWhen an organization experiences a cyberattack, tensions are high, customers are concerned and the business is typically not operating at full capacity. Every move you make at this point makes a difference to your company’s future, and even a seemingly small mistake can cause permanent reputational damage.Because of the stress and many moving parts that are involved, businesses often fall short when it comes to communication in a crisis.…

Digital solidarity vs. digital sovereignty: Which side are you on?

4 min read - The landscape of international cyber policy continues to evolve rapidly, reflecting the dynamic nature of technology and global geopolitics. Central to this evolution are two competing concepts: digital solidarity and digital sovereignty.The U.S. Department of State, through its newly released International Cyberspace and Digital Policy Strategy, has articulated a clear preference for digital solidarity, positioning it as a counterpoint to the protectionist approach of digital sovereignty.What are the main differences between these two concepts, and why does it matter? Let’s…

A decade of global cyberattacks, and where they left us

5 min read - The cyberattack landscape has seen monumental shifts and enormous growth in the past decade or so.I spoke to Michelle Alvarez, X-Force Strategic Threat Analysis Manager at IBM, who told me that the most visible change in cybersecurity can be summed up in one word: scale. A decade ago, “'mega-breaches' were relatively rare, but now feel like an everyday occurrence.”A summary of the past decade in global cyberattacksThe cybersecurity landscape has been impacted by major world events, especially in recent years.…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today