To block an attack - even predict one - you need to study who might be after you. That sounds just like Home Alone, that old 1990 comedy with the boy hero who creates havoc for the robbers who try, and fail, to get into his house.īut decoys are a response after someone has already struck. You also learn how they behave - their strategy - and toy with it. When you do that, you not only pinpoint where the hackers are. I am looking over his shoulder," Kolton explains. "I am seeing whether he wants to steal my watch, or he's looking in the drawers for money or anything else. Lure them into fake rooms with fake data - and observe. So you can leave some fake keys around, some breadcrumbs. Kolton takes advantage of the fact that once hackers are in a network, they don't know where to go. "We are setting, embedding, decoy system inside the organization, and the decoy system luring the attackers and the malware to get into those systems," he says. So when they do, you've got to trick them. The culprit, it turns out, was a janitor who didn't wash his hands.īut contain as you may, says Doron Kolton, founder of TopSpin Security, the good hackers will always break in. Those cycling gloves."īromium's digital hygiene approach reminds me of the hospital drama ER - like the episode when a staph infection runs rampant through the ward, knocking out patients and staff. I don't know - you have those gloves where your fingers are coming out. For example, Internet Explorer, he says, is "barely a glove. Right now, Kashyap says, some of the most popular software on earth doesn't bother to contain or contains poorly. So that in case you got infected, you don't have to worry about it. "And once you're done," Kashyap says, "we throw them away. The virtual machine is a protective layer - like putting thick latex gloves on doctors and nurses. The company builds something called a "virtual machine" at the micro level - that is, around anything and everything you might open - an email, a new tab on your Web browser, a Word document, a PDF.Įssentially, Kashyap says, "we assume that the attackers are going to attack you no matter what you do." To stop it from spreading, Bromium contains it. "All it takes is one user in a large organization making one single mistake, and they're in." "It's become obviously too easy for the hackers," says Rahul Kashyap, its chief security architect. To help dramatize those differences, it might be helpful to compare each to a movie or show you may have seen on TV. Here, we take three companies working on the issue in different ways. and bam! The hackers are in - and can remotely control your servers, exfiltrate documents and more.Īcross the cybersecurity industry, startups are trying to figure out how to solve this problem - and they're developing some very different approaches. malicious software in the message injects itself into the corporate network. We're still waiting for details on how the hack against the health care company Anthem occurred.īut there's a classic approach behind many of the cyberattacks that make the news: An employee in the company gets an email with an attachment. Dmitri Alperovitch, co-founder of the cybersecurity startup CrowdStrike, says his company is building stockpiles of intelligence about potential hacking groups.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |