ON TARGET... with all the latest IBC 2017 show information and product coverage, by the editors of The Broadcast Bridge - filtered by category.
Click here

Kudelski Steps Up Security by Integrating Illusive Networks’ Deception Management

Kudelski Security has beefed up its managed security services (MSS) by integrating decoy technology called Deception Everywhere from Israeli based Illusive Networks.

Kudelski claimed this to be the first use of the technology in a major managed security services package. There are however a variety of security offerings based on the related concept of honeypot technology, which involves setting traps within networks to lure attackers and detect or at least deflect them. Sometimes called a Venus Flytrap, a honeypot is an application or complete system set up within a network to attract attacks and gain as much information as possible about them. But unlike Illusive’s technology, a honeypot is an isolated ring fenced system, within which all communications are identified as hostile, since legitimate users are kept away. The idea is that logging and then analyzing activity within the honeypot can provide useful information about the way attacks are conducted, as well as deflecting them and if possible identifying the source for subsequent legal or other action.

But by being isolated, honeypots themselves can be vulnerable to identification and evasion by attackers, so that they can be neutralized. This was pointed out in a recent report by Frost & Sullivan entitled Why Deception is Essential to your Cybersecurity Strategy. The report recognizes that honeypots can gain valuable information about an attacker’s tactics, techniques and procedures, but only so long as they really do appear to be real. Apart from risk of discovery, there is also the danger that being scattered throughout a network a hacker or pirate may not reach them and so still be able to complete the attack or content theft. Attackers may never be lured into the Venus Flytrap.

By contrast Illusive Network’s approach blankets the entire network with the decoys so that attackers cannot avoid them, while also mimicking genuine activity so that they are well disguised. The deceptions have been built up over time as part of Illusive’s Deception Management System (DMS). This includes credentials, folders, endpoints, servers, and other bits of information that the DMS can draw on to construct a layer of deception tailored to a given customer’s network.

The aim is to make these as authentic as possible so that attackers are deceived into yielding valuable information, just as honeypots are designed to do but sustained over a longer period. Crucially these deceptions avoid yielding any information about genuine assets or entry points to core infrastructure.

Illusive’s technology combines high detection rate with almost zero false positives, according to Tracy Pallas, the company’s vice president, worldwide channels.

Illusive’s technology combines high detection rate with almost zero false positives, according to Tracy Pallas, the company’s vice president, worldwide channels.

Equally importantly according to Frost & Sullivan, the enterprise is not consuming its own resources overseeing the operation, with deceptions created automatically in minutes. The deceptions also evolve transparently as the environment changes, so again no effort is needed to keep them up to date.

This does rely on identifying when attacks take place but, because the technology is deployed everywhere, Illusive claims it is possible to do this by detecting unusual behavior such as lateral movements between points within the network. Such behavior is an inevitable precursor to any successful attack. So far, the company claims this has achieved a very high, albeit unspecified, detection rate, combined with virtually zero false positives. What is unclear is how successful the technology has been in actually catching and prosecuting attackers.

There is one other important point picked up in the Frost & Sullivan report, which is that the technology is priced in such a way that enterprises have the incentive to deploy the technology everywhere rather than saving money by just having it at strategic points. This also makes it simpler to deploy, as compared for example with multiple distributed honeypots.

Kudelski is delivering the technology through its two so called global Cyber Fusion Centers in Chapeaux, Switzerland and Phoenix, Arizona. “Illusive Networks’ Deceptions Everywhere technology is an important addition to our MSS strategy, enabling us to better protect our clients’ critical assets by identifying breaches more quickly, slowing attackers down and reducing the damage they can cause,” said Rich Fennessy, its CEO.

“Our industry-leading, pre-emptive deception technology will greatly enhance Kudelski Security’s market-disruptive approach of providing more effective and valuable managed security services,” added Tracy Pallas, Illusive’s vice president, worldwide channels.

Meanwhile the parent Kudelski Group has just agreed to acquire Norwegian company Digital Video Norge (DVNor), provider of media asset management services. DVNor will collaborate with Conax, another Norwegian Kudelski company, to strengthen content protection for broadcasters and pay TV operators.

Let us know what you think…

Log-in or Register for free to post comments…

You might also like...

Samsung Gains First Pay TV Customer for Smart TV Security Dongle

Samsung has announced Germany’s HD+ satellite service as the first customer for the TVkey security USB dongle developed in partnership with content protection technology vendor Nagra. The dongle works in conjunction with a chip in Samsung’s latest smart…

EBU Calls on Broadcasters and Technology Vendors to Strengthen Cyber Security

The EBU (European Broadcasting Union) has called on broadcasters and their technology suppliers to work together over cyber security and adopt best practices already available or evolving in the IT world. The organization representing broadcasters across Europe and in many…

Rethinking Content Protection in an OTT World

In the world of pay-TV there is only one constant: the need for robust content protection. Despite standardization efforts across the industry, device fragmentation still poses a challenge for pay-TV service providers that want to offer secure premium content over…

A Better Way to Manage OTT Rights

For many OTT video distributors, rights management is a challenge. Given the alternative of lacking rights to manage, this is a good problem to have. But slow-paced integrations and makeshift solutions are creating costs and risks that competitive OTT players…

Kudelski Expands Further Through Acquisition of M&S Technologies

Kudelski Group, the Swiss content security and pay TV software provider, has continued its spate of acquisitions by buying Dallas-based M&S Technologies, a supplier of enterprise IT security technology and services, for an undisclosed sum. The move consolidates…