Deception is Newest Trend in Cyber Protection
With a rise in fake news and alternative facts, deception is a sign of our times. It might not always be negative. In the world of cyber security, several start ups are using deceptive techniques to thwart cyber attacks. Investors in this new form of security include banks like Citi, software giants like Cisco and Team8, an Israeli security incubator whose founders are former members of the Israeli Defense Forces. High level stakeholders have placed a lot of money, and faith, in the future of deception. Here’s how the deception market works.
Large organizations have large digital infrastructures. With cloud technologies, email, applications and data storage comes many potential openings for cyber attacks. DDoS, or distributed denial of service attacks, are the most recent wave of multi-vector cyber attacks that exploit potential openings and bombard systems with multi-stage attacks. As hackers become more sophisticated and as systems become more sophisticated, security is a game of cat and mouse. Deception side steps this scenario entirely.
Security experts agree that phishing and email attacks exploit the one element of a system that IT cannot control, the end user. Experts know that preventing an attack with firewalls and other seemingly impermeable protective layers is an exercise in futility. Startups, like Illusive Networks, build duplicitous networks to trap hackers. Think of it as a bait-and-switch. Hackers enter a system with the belief that they are gaining access to a major network. Instead, they have entered a augmented, or virtual, reality. As they perform their malevolent acts and attempt to better understand the network, they become locked in the system.
Illusive Networks CEO Ofer Isreali explains that once a hacker is trapped in the system they can be booted out or stuck inside of it forever. Either way, the hacker will be identified and deceived.