Illusive’s Deception Ensnares Hackers
This post is also available in: 
עברית (Hebrew)
In the field of cyber security, everyone has one main goal: staying ahead of the game. The hackers are constantly seeking out new avenues of attack: zero-day exploits, poorly protected networks, users who give security up too easily. On the other side of the frontlines there are the security teams, who in their mad dash to patch up holes and prevent data leaks are really mostly trying to catch up. No matter how good your security, hackers have the advantage. In fending off malicious attacks, one has to be vigilant all the time, always correct, and never make any mistakes. A hacker only needs to succeed once, and you’re compromised, your data stolen, and all that hard-worked for security evaporates in a puff.
Israel’s Illusive Networks is changing this paradigm and leveling out the playing field – and they’re getting recognised for their innovation. Illusive’s security systems employs deception and sets up traps for hackers. And once they’ve fallen for one – the game is bust. “Instead of focusing on the malware, focus on the attacker.” says CEO Shlomo Touboul. “He is greedy, he has weaknesses and he makes mistakes.”
Illusive cleverly disguises traps by hiding them among the legitimate servers on the network. At every step hackers are faced with choices between the data they’re after and Illusive’s traps. They may evade some, but odds are on Illusive’s side. There are too many traps, and they look too real and too enticing to pass by. “If he sees a machine named legalserver101 and 101-105 are the real servers and 106-110 are the deceptions, the false ones are compatible with the DNA of the organization. He has to make a move,” Touboul said.
Illusive’s research show that, on average, hackers get caught within three hops. This is early enough in the process for hackers to be noticed before they do any significant damage (or get away with some real valuable data). Network admins then can either trace the intruder’s activity, or shut him out completely. When most organisations are faced with only finding out about a breach post fact, this is a tremendous improvement.
