Kudelski Steps Up Security by Integrating Illusive Networks’ Deception Management

Kudelski Security has beefed up its managed security services (MSS) by integrating decoy technology called Deception Everywhere from Israeli based Illusive Networks.

Kudelski claimed this to be the first use of the technology in a major managed security services package. There are however a variety of security offerings based on the related concept of honeypot technology, which involves setting traps within networks to lure attackers and detect or at least deflect them. Sometimes called a Venus Flytrap, a honeypot is an application or complete system set up within a network to attract attacks and gain as much information as possible about them. But unlike Illusive’s technology, a honeypot is an isolated ring fenced system, within which all communications are identified as hostile, since legitimate users are kept away. The idea is that logging and then analyzing activity within the honeypot can provide useful information about the way attacks are conducted, as well as deflecting them and if possible identifying the source for subsequent legal or other action.

But by being isolated, honeypots themselves can be vulnerable to identification and evasion by attackers, so that they can be neutralized. This was pointed out in a recent report by Frost & Sullivan entitled Why Deception is Essential to your Cybersecurity Strategy. The report recognizes that honeypots can gain valuable information about an attacker’s tactics, techniques and procedures, but only so long as they really do appear to be real. Apart from risk of discovery, there is also the danger that being scattered throughout a network a hacker or pirate may not reach them and so still be able to complete the attack or content theft. Attackers may never be lured into the Venus Flytrap.

By contrast Illusive Network’s approach blankets the entire network with the decoys so that attackers cannot avoid them, while also mimicking genuine activity so that they are well disguised. The deceptions have been built up over time as part of Illusive’s Deception Management System (DMS). This includes credentials, folders, endpoints, servers, and other bits of information that the DMS can draw on to construct a layer of deception tailored to a given customer’s network.

The aim is to make these as authentic as possible so that attackers are deceived into yielding valuable information, just as honeypots are designed to do but sustained over a longer period. Crucially these deceptions avoid yielding any information about genuine assets or entry points to core infrastructure.

Illusive’s technology combines high detection rate with almost zero false positives, according to Tracy Pallas, the company’s vice president, worldwide channels.

Illusive’s technology combines high detection rate with almost zero false positives, according to Tracy Pallas, the company’s vice president, worldwide channels.

Equally importantly according to Frost & Sullivan, the enterprise is not consuming its own resources overseeing the operation, with deceptions created automatically in minutes. The deceptions also evolve transparently as the environment changes, so again no effort is needed to keep them up to date.

This does rely on identifying when attacks take place but, because the technology is deployed everywhere, Illusive claims it is possible to do this by detecting unusual behavior such as lateral movements between points within the network. Such behavior is an inevitable precursor to any successful attack. So far, the company claims this has achieved a very high, albeit unspecified, detection rate, combined with virtually zero false positives. What is unclear is how successful the technology has been in actually catching and prosecuting attackers.

There is one other important point picked up in the Frost & Sullivan report, which is that the technology is priced in such a way that enterprises have the incentive to deploy the technology everywhere rather than saving money by just having it at strategic points. This also makes it simpler to deploy, as compared for example with multiple distributed honeypots.

Kudelski is delivering the technology through its two so called global Cyber Fusion Centers in Chapeaux, Switzerland and Phoenix, Arizona. “Illusive Networks’ Deceptions Everywhere technology is an important addition to our MSS strategy, enabling us to better protect our clients’ critical assets by identifying breaches more quickly, slowing attackers down and reducing the damage they can cause,” said Rich Fennessy, its CEO.

“Our industry-leading, pre-emptive deception technology will greatly enhance Kudelski Security’s market-disruptive approach of providing more effective and valuable managed security services,” added Tracy Pallas, Illusive’s vice president, worldwide channels.

Meanwhile the parent Kudelski Group has just agreed to acquire Norwegian company Digital Video Norge (DVNor), provider of media asset management services. DVNor will collaborate with Conax, another Norwegian Kudelski company, to strengthen content protection for broadcasters and pay TV operators.


You might also like...

Broadcasters Fail To Address Common Cybersecurity Vulnerabilities

Broadcasters are falling prey to common cybersecurity vulnerabilities as some struggle to adjust to the migration away from traditional dedicated systems to generic infrastructures based on the IP protocol, more like enterprises in other sectors.

Video Piracy Declines In EU

Media content piracy declined by an average 15% across Europe during 2018 according to the European Union (EU) Intellectual Property Office (EUIPO), contradicting the popular notion that the problem is getting out of hand in the streaming era.

Users Resist Tighter Pay TV Security

Video consumers are still reluctant to embrace more secure authentication methods than traditional passwords despite mounting fears over identity theft and intrusion into privacy.

The Proven Essentials to Ensure an Effective UI

Innovation in the media and entertainment industry is at an all-time high with devices, backend technologies, operating systems and consumer behaviors constantly evolving. A key element of this evolution is how viewers see, experience, navigate and consume the content they…

Verimatrix Looks for Content Security Converts on Back of AWS API Integration

Verimatrix is seeking to win major customers in broadcasting and pay TV on the back of API integration of its MultiRights OTT multi-DRM with Amazon Web Services (AWS). As AWS continues its strong advance into video services by claiming some…