Tech

Companies Look Beyond Firewalls In Cyber Battle With Hackers

Reuters Contributor
Font Size:

By Tova Cohen

TEL AVIV (Reuters) – With firewalls no longer seen as enough of a defense against security breaches, companies are looking at new tools to foil hackers trying to enter a computer network.

U.S. and Israeli startups are leading the way, with new approaches such as “honeytraps” that lure a hacker to fake data or “polymorphic” technology that constantly changes the structure of applications running on a computer.

Some of the technology is still in the early stages and it remains to be seen whether it will be good enough to outfox the hackers.

But with corporate giants such as Sony and Twitter Inc facing high-profile hacks in recent years, companies are desperate for new ideas to make sure financial, personal and corporate data stays safe.

“We view this (deception technologies) as a $3 billion market over the next three years, with Israel and Silicon Valley being the epicenter of this innovation wave,” said Daniel Ives, a senior technology analyst at FBR Capital Markets.

TopSpin Security, Illusive Networks, Cymmetria and GuardiCore in Israel, California-based TrapX and Attivo Networks are among a handful of start-ups forging ahead with deception technology. Israel’s Morphisec and U.S. Shape Security are developing “polymorphic” systems.

Many of those companies use techniques partly developed in the U.S. and Israeli military that were taken to startups by veterans such as Gadi Evron, the head of Cymmetria and of Israel’s Computer Emergency Response Team.

TrapX Security offers DeceptionGrid, a technology using fake information that triggers a security alert.

TrapX clients include Israel’s central bank, U.S. hospital chain HCA, Bezeq, Israel’s largest telecoms group, and Union Bank of Israel, according to Asaf Aviram, sales director for Israel and emergent markets at TrapX.

TopSpin Chief Executive Doron Kolton said his clients include one of Israel’s top five banks, a large U.S. hospital and a mobility technology company. The product is resold by Optiv Security in the United States and Benefit in Israel.

EARLY DAYS

While still a fraction of the overall cybersecurity market, Gartner, a leading technology consultancy, sees 10 percent of businesses using deception tactics by 2018.

But Gartner analyst Laurence Pingree noted that they “have so far had only nascent adoption” as many of the companies don’t yet understand the technology.

“Educating security buyers on its usefulness will be crucial,” he said.

Some in the industry note that several companies including FireEye and CrowdStrike tried to launch similar products three or four years ago before pulling back although analysts say the technologies have improved greatly in the past two years.

“A lot of companies are looking at it but it’s still early days,” said a security executive with a Fortune 500 company.

He said deployments were quite limited, with most trials where business test the product on a limited basis at no cost.

Others said hackers may quickly be able to detect the traps.

“They will be challenged by the fact that (some) hackers are so sophisticated they might detect decoy servers or fake data,” said Ziv Mador, head of research at Chicago-based cybersecurity firm Trustwave.

The technology could offer a second layer of defense to firewalls, which cannot always block malicious attempts, he said, and did not rule out Trustwave offering deception tools in the future.

TopSpin’s Kolton also noted that deception would be “part of a bigger solution” and to “be combined with other things”.

TRAIL OF BREADCRUMBS

The system developed by TopSpin, whose investors include Check Point Software Technologies co-founder Shlomo Kramer, engages attackers once they have penetrated the network. It leads hackers to decoys by sprinkling “breadcrumbs”, such as fake credentials.

While the idea of a honeypot is not new, in the past they were used to alert IT administrators that there was a hacker in the system.

With more advanced technology they slow the hacker and set off tools to stop them getting further into the system. If they follow the trail to the trap, the company knows they are a hacker.

“When someone hits a honeypot it’s malicious activity,” Kolton said.

Attivo’s website says their system lures attackers into revealing themselves when they start to look for “high-value assets”. It also promises no false-alarms, a problem with traditional detection systems.

Other tools are being developed that would prevent hackers from penetrating a network entirely.

Morphisec, backed by Jerusalem Venture Partners, Deutsche Telekom and GE Ventures, has developed technology that randomly changes the structure of applications running on the computer.

“When an attack seeks its target it expects to find a certain memory structure. With Morphisec it finds something different,” Morphisec CEO Ronen Yehoshua said.

Shape Security of California also uses such “polymorphic” technology.

While these new ideas have mainly been generated by start-up companies, investors say bigger, more established security players are interested.

“I’d say that many antivirus companies are already looking into building similar technologies on their own or buying them,” JVP managing partner Gadi Tirosh said.

(Additional reporting by Jim Finkle in Boston; Editing by Anna Willard)

PREMIUM ARTICLE: Subscribe To Keep Reading

Sign up

By subscribing you agree to our Terms of Use

You're signed up!

Sign up

By subscribing you agree to our Terms of Use

You're signed up!
Sign up

By subscribing you agree to our Terms of Use

You're signed up!

Sign up

By subscribing you agree to our Terms of Use

You're signed up!
Sign up

By subscribing you agree to our Terms of Use

You're signed up!

Sign Up

By subscribing you agree to our Terms of Use

You're signed up!
Sign up

By subscribing you agree to our Terms of Use

You're signed up!
Sign up

By subscribing you agree to our Terms of Use

You're signed up!
BENEFITS READERS PASS PATRIOTS FOUNDERS
Daily and Breaking Newsletters
Daily Caller Shows
Ad Free Experience
Exclusive Articles
Custom Newsletters
Editor Daily Rundown
Behind The Scenes Coverage
Award Winning Documentaries
Patriot War Room
Patriot Live Chat
Exclusive Events
Gold Membership Card
Tucker Mug

What does Founders Club include?

Tucker Mug and Membership Card
Founders

Readers,

Instead of sucking up to the political and corporate powers that dominate America, The Daily Caller is fighting for you — our readers. We humbly ask you to consider joining us in this fight.

Now that millions of readers are rejecting the increasingly biased and even corrupt corporate media and joining us daily, there are powerful forces lined up to stop us: the old guard of the news media hopes to marginalize us; the big corporate ad agencies want to deprive us of revenue and put us out of business; senators threaten to have our reporters arrested for asking simple questions; the big tech platforms want to limit our ability to communicate with you; and the political party establishments feel threatened by our independence.

We don't complain -- we can't stand complainers -- but we do call it how we see it. We have a fight on our hands, and it's intense. We need your help to smash through the big tech, big media and big government blockade.

We're the insurgent outsiders for a reason: our deep-dive investigations hold the powerful to account. Our original videos undermine their narratives on a daily basis. Even our insistence on having fun infuriates them -- because we won’t bend the knee to political correctness.

One reason we stand apart is because we are not afraid to say we love America. We love her with every fiber of our being, and we think she's worth saving from today’s craziness.

Help us save her.

A second reason we stand out is the sheer number of honest responsible reporters we have helped train. We have trained so many solid reporters that they now hold prominent positions at publications across the political spectrum. Hear a rare reasonable voice at a place like CNN? There’s a good chance they were trained at Daily Caller. Same goes for the numerous Daily Caller alumni dominating the news coverage at outlets such as Fox News, Newsmax, Daily Wire and many others.

Simply put, America needs solid reporters fighting to tell the truth or we will never have honest elections or a fair system. We are working tirelessly to make that happen and we are making a difference.

Since 2010, The Daily Caller has grown immensely. We're in the halls of Congress. We're in the Oval Office. And we're in up to 20 million homes every single month. That's 20 million Americans like you who are impossible to ignore.

We can overcome the forces lined up against all of us. This is an important mission but we can’t do it unless you — the everyday Americans forgotten by the establishment — have our back.

Please consider becoming a Daily Caller Patriot today, and help us keep doing work that holds politicians, corporations and other leaders accountable. Help us thumb our noses at political correctness. Help us train a new generation of news reporters who will actually tell the truth. And help us remind Americans everywhere that there are millions of us who remain clear-eyed about our country's greatness.

In return for membership, Daily Caller Patriots will be able to read The Daily Caller without any of the ads that we have long used to support our mission. We know the ads drive you crazy. They drive us crazy too. But we need revenue to keep the fight going. If you join us, we will cut out the ads for you and put every Lincoln-headed cent we earn into amplifying our voice, training even more solid reporters, and giving you the ad-free experience and lightning fast website you deserve.

Patriots will also be eligible for Patriots Only content, newsletters, chats and live events with our reporters and editors. It's simple: welcome us into your lives, and we'll welcome you into ours.

We can save America together.

Become a Daily Caller Patriot today.

Signature

Neil Patel