Amid the increasing frequency of cyber attacks on both commercial and federal computer systems, an Israeli start-up wants to trap hackers using a trap.
Illusive Networks says that it wants to make the hackers think that they have hacked their way to steal data, which is just a method to capture the malicious attackers.
The software has algorithms that will detect a person on the network that is behaving unusually. For instance, it can detect whether the person is trying to access restricted parts of the network to steal sensitive information.
Israeli-based Illusive Networks said that their software targets hackers that carry out targeted attacks and persistent threats, according to Reuters.
The software entices greedy hackers by showing them an easy path to, for example, a credit card data base, which is just a decoy. The greedier a hacker or a group of hacker is, the better the trap works.
Shlomo Touboul, the Chief Executive of Illusive, said that the attackers are still vulnerable and that they are looking to take advantage of that fact.
Touboul said:” They are human beings, they have weaknesses, they become very greedy”
Their approach is more on focusing on the attacker, rather than the malware used. Most security firms try to reverse engineer malware to find out or trace them back to its attackers, but they usually follow a dead-end.
The startup is very confident about their trap, partly because they have a $5 million in Series A funding from security incubator Team8.
Illusive says that their deceptions are carefully laid out so that the hackers would have a very hard time to recognize them as bait. The software often baits the hackers with both good and bad data, but Touboul said that most hackers already get tangled up in the trap in just three hops.
Hackers Can’t Do Any Damage on Early Stages
Touboul added that those stages are very premature and that the hackers can’t do any damage from the position. Since the deceptions are very attractive to the hackers, they will have no choice but to follow the trail of fake breadcrumbs.
The concept is similar to how Casinos keep bringing in gamblers. Gamblers always push their luck even if the odds are against them, but the house always wins in the farther road, according to Tech Crunch.
Stop Or See Their Moves
Once the perpetrators are caught, the security team has two choices. They can either kick the hacker out of the network, or follow the trail to know where they are, how they hack or even who they are.
Team8 CEO Nadav Zafrir said that the software allows enterprises full control so that they can still assess what they should do if a hacker is detected by the trap. Usually, when a hacker penetrates the system, the IT security departments operates in panic mode.
Touboul said that they have customers who choose to let the hacker loose on the trap network just to see what the hacker will do and how he/she does things.
Google chairman Eric Schmidt was interested and impressed at the startup’s efforts in catching hackers. Schmidt said that Illusive Networks was a shining example of those who can think “out of the box” to adapt and protect systems from the increased cyber attacks.