Post by donaldmoore on Nov 11, 2015 17:42:06 GMT
Israel’s Cymmetria, Which Deceives Hackers, Raises $9 Million
Gartner expects that by 2018, 10% of all enterprises will use deception tools and tactics against hackers. Jonathan Ernst/Reuters
Cymmetria Inc., an Israeli start-up whose software lures hackers into cyber traps within organizations’ networks has raised around $9 million, the latest sign that investors are flocking to one of cyber-security’s hottest trends: deceiving hackers and catching them red handed.
The Tel Aviv-based cyber-security firm makes decoy servers which simulate an organization’s real networks without jeopardizing operations or giving away real data.
California-based venture fund Sherpa Ventures led the funding round, bringing Cymmetria’s total funding to $10.5 million.
Other, more low-tech deception techniques involving the use of fake personas and the cultivation of informants on the deep web –the areas of the Internet you can’t surf with traditional Web browsers –are also becoming increasingly popular.
Market research firm Gartner Inc. expects that by 2018, 10% of all enterprises will use deception tools and tactics, and actively participate in deception operations against attackers.
Many early-stage companies offering such services were founded in Israel, where veterans of the security services and the army’s 8200 signals intelligence unit start their own cyber-security firms or join existing ones.
In September, Tel Aviv-based-based Illusive Networks Ltd., a company whose technology creates false pathways into decoy servers a cyber-intruder can follow, closed a $22 million funding round led by New Enterprise Associates (NEA), one of the biggest venture firms in the world.
Tel Aviv-based TrapX Security Inc., whose technology detects intruders by monitoring network traffic and sends them to a decoy server, raised $9 million in July from Intel Capital and other investors.
From a hacker’s perspective, decoy servers –or so-called honeypots — are difficult to detect.
Hackers usually make their way into a network by gaining control of a single computer. From there they work their way into other areas of a network, looking mostly for higher-level access credentials or data to steal. To avoid being detected, hackers tend to try and use their first point of entry –the initial infected computer –in a way similar to how it is usually used, connecting only with computers with which it normally communicates, for example. A history of the computer’s regular activities can easily be located by searching its registry.
Cymmetria’s system, which can be installed on-site or used over the cloud, leverages this behavior by leaving a false trail of “digital breadcrumbs” of day-to-day activities, like which servers are contacted and when. Once hackers follow those breadcrumbs they are drawn into a decoy server, where they can be monitored.
“Behind every attack there’s a person and that person can be tricked,” said Gadi Evron, Cymmetria’s founder and CEO.
Mr. Evron, a veteran of Unit 8200, previously worked as vice president of cyber-security strategy at Moscow-based antivirus company Kaspersky Labs.
Founded in 2014, Cymmetria currently employs 16 people in offices in Tel-Aviv and San-Francisco. It participated in this summer’s Y Combinator accelerator program.
blogs.wsj.com/digits/2015/11/10/israels-cymmetria-which-deceives-hackers-raises-9-million/
Gartner expects that by 2018, 10% of all enterprises will use deception tools and tactics against hackers. Jonathan Ernst/Reuters
Cymmetria Inc., an Israeli start-up whose software lures hackers into cyber traps within organizations’ networks has raised around $9 million, the latest sign that investors are flocking to one of cyber-security’s hottest trends: deceiving hackers and catching them red handed.
The Tel Aviv-based cyber-security firm makes decoy servers which simulate an organization’s real networks without jeopardizing operations or giving away real data.
California-based venture fund Sherpa Ventures led the funding round, bringing Cymmetria’s total funding to $10.5 million.
Other, more low-tech deception techniques involving the use of fake personas and the cultivation of informants on the deep web –the areas of the Internet you can’t surf with traditional Web browsers –are also becoming increasingly popular.
Market research firm Gartner Inc. expects that by 2018, 10% of all enterprises will use deception tools and tactics, and actively participate in deception operations against attackers.
Many early-stage companies offering such services were founded in Israel, where veterans of the security services and the army’s 8200 signals intelligence unit start their own cyber-security firms or join existing ones.
In September, Tel Aviv-based-based Illusive Networks Ltd., a company whose technology creates false pathways into decoy servers a cyber-intruder can follow, closed a $22 million funding round led by New Enterprise Associates (NEA), one of the biggest venture firms in the world.
Tel Aviv-based TrapX Security Inc., whose technology detects intruders by monitoring network traffic and sends them to a decoy server, raised $9 million in July from Intel Capital and other investors.
From a hacker’s perspective, decoy servers –or so-called honeypots — are difficult to detect.
Hackers usually make their way into a network by gaining control of a single computer. From there they work their way into other areas of a network, looking mostly for higher-level access credentials or data to steal. To avoid being detected, hackers tend to try and use their first point of entry –the initial infected computer –in a way similar to how it is usually used, connecting only with computers with which it normally communicates, for example. A history of the computer’s regular activities can easily be located by searching its registry.
Cymmetria’s system, which can be installed on-site or used over the cloud, leverages this behavior by leaving a false trail of “digital breadcrumbs” of day-to-day activities, like which servers are contacted and when. Once hackers follow those breadcrumbs they are drawn into a decoy server, where they can be monitored.
“Behind every attack there’s a person and that person can be tricked,” said Gadi Evron, Cymmetria’s founder and CEO.
Mr. Evron, a veteran of Unit 8200, previously worked as vice president of cyber-security strategy at Moscow-based antivirus company Kaspersky Labs.
Founded in 2014, Cymmetria currently employs 16 people in offices in Tel-Aviv and San-Francisco. It participated in this summer’s Y Combinator accelerator program.
blogs.wsj.com/digits/2015/11/10/israels-cymmetria-which-deceives-hackers-raises-9-million/