Stay Connected

Congrats! You’re subscribed

  • Facebook Classic
  • LinkedIn App Icon
  • Google+ App Icon
  • Twitter Classic

Spotlight on Cyber Security Israeli Startups: Trapping Hackers

Most of us have, at one point in our lives, sat through a company lecture on threats to our computers. Terms like phishing, malware, and social engineering have become commonplace. We also all have had some sort of antivirus software installed on our computers. But can antivirus software protect network systems when we regularly bring our personal computers, tablets and smartphones into the office space? In the past few years, cyber-crime has become much more organized, enhancing its information gathering, sharing and specialization. It’s pushing cyber security firms to play catch-up in a creative way.

Today’s field of cyber security is being turned on its head by Israeli startups suggesting a unique approach; they’re going beyond the hacking technology and into the minds of the hackers in order to understand their motivation. For example, you may notice that certain hacking attempts surface when a potential company buy-out is in negotiation. The motivation here is to lower the value of the company being purchased. Though financial motivations are important, the actual focus of the new wave of cyber security startups is to step into the minds of the hackers as they perform the hacking process.

-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --


Cyber-crime is on the rise:

“The mean annualized cost for 58 benchmarked organizations is $15 million per year, a 19 % increase.”

-Ponemon Institute

-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --

To counter cyber-crime, many security companies rely on well-established defensive methods such as “Honeypots’ to attract hackers. Honeypots appear to be part of the company's system, however they are an imperfect solution when it comes to solving cyber security problems. First, they are isolated and therefore might be detected by a sophisticated hacker. Also, with honeypots, confidentiality violations cannot be addressed after they have occurred. Furthermore, setting numerous honeypots at every end point requires onerous monitoring by IT and interferes with the day-to- day of the company’s users. New thinking is necessary.

Gathering inspiration from the animal world, one can see how deception is a highly effective method for deception. For example, one spider species [1] uses the corpses of insects to build a remarkable replica of themselves in a web. The replica is so realistic these spiders even know to tug on the web in a manner that makes this decoy appear animated when predators appear. Applying this concept to cyber security, decoys are utilized and only seem to contain valuable company data. Using a network of decoys, Illusive Networks, an Israeli cyber security startup, forces hackers to make decisions in each step of the hacking process and monitors them along the way.

To get the most out of deception strategy, companies should set priorities regarding the most valuable information such as health care records, financial records, etc. In particular, a company’s proprietary software is a valuable asset, which should be decoyed in the form of similar-looking source code. Illusive Networks understands the motivations of hackers and how they move within the network. In particular, hackers will move differently than a regular user with the end goal of compromising a high-valued asset. As a result, the layer remains transparent to day-to- day users but attractive to hackers so that it does not interfere with the day-to- day operations of the business.

Masking, repackaging, dazzling, mimicking, decoying and inventing are all forms of deceptions that are emerging as new ways to approach hacking. Fighting cyber-crime today means going beyond the software, the hardware and the networks to the hackers themselves, because at the end of the day, individuals are the weakest link.

[1] build-decoys- of-themselves- to-fool-