April 2017 Digital Edition
March 2017 Digital Edition
Feb. 2017 Digital Edition
January 2017 Digital Edition
Nov/Dec 2016 Digital Edition
Oct 2016 Digital Edition
illusive networks now offers a solution to thwart email-based attacks
NOTE: An earlier version of this story included a headline misstating the company's name. We apologize for the error -- SB
NEW YORK and TEL AVIV June 12, 2017 illusive networks, the leader in deception-based cybersecurity, today announced the latest member of its Data Deceptions Family: Email Data Deceptions aimed at thwarting attackers who are trying to gather the intel required to execute sophisticated APTs against organizational networks. This breakthrough technology addresses a layer– data level deceptions – described as the most challenging type of deception by leading analysts.
illusive networks Data Deceptions detect attackers’ attempts to use data stolen from files, shares, etc. and now also from emails. Attackers need to gather such organizational intelligence in order to move laterally around a network to execute APTs and reach an organization’s most sensitive and valuable digital assets.
illusive networks’ enticing and very realistic Data Deceptions are invisible to employees while accessible to hackers. As soon as attackers attempt to use the deceptive data, illusive detects and alerts enterprise security teams, providing real-time contextual forensics from the source host that enable informed, targeted and timely incident response operations. illusive’s entire series of deceptions – Network Deceptions, Endpoint Deceptions, Data Deceptions and Application Layer Deceptions - are deployed quickly and agentlessly, causing no disruption to business networks with near-zero false positives generated. This is orchestrated by illusive’s automated Deception Management System™ (DMS), an advanced machine-learning technology based on continuous real-time environment analysis.
Email remains the dominant form of communication across organizations, hosting data that is highly valuable to attackers. Consequently, email systems are one of the most popular targets for hackers to breach. By using tools to discretely collect data that resides within emails, attackers can obtain information that will allow them to seamlessly move laterally across an organization’s network, as though they were legitimate members of the organization. While the headlines have focused largely on email attacks that have led to exposure of embarrassing or highly confidential information, the less discussed yet highly worrisome email attack involves attackers mining and using sensitive data found in email to move laterally within a network in search of an organization’s crown jewels.
This latest series of deceptions demonstrates illusive’s capability and commitment to continually advancing the deception stack across all four layers to make deceptions believable and effective across the entire network. Moreover, their deceptions are orchestrated to constantly change over time, playing an essential role in tricking hackers performing an APT as they learn the environment and perform repeated actions. Continual changing of deceptions also prevents returning attackers from using previously harvested information about the network they are breaching, further delaying their execution to move laterally across the network.
illusive networks’ CEO Ofer Israeli says, “Data collection is essential to executing APTs and deceptions at that level are very difficult to create. Introducing the most challenging type of deceptions at this crucial vector further illustrates illusive’s role at the forefront in the next evolution of cyber defense.”
Alongside illusive’s new Email Deceptions from the Data Deceptions layer, illusive has delivered several cybersecurity industry firsts including: Deception Management System™; Attacker View™, a sophisticated breakthrough technology that exposes hidden cyber attack paths, enabling IT professionals to adapt their security strategy to mitigate advanced attacker's lateral movement; Wire Transfer Guard™, the first cyber deception technology to protect wire transfer banking systems against targeted Advanced Attacks; and Advanced Ransomware Guard™ blocks ransomware activity at the source host before it gains a foothold in the network.