Closing down cyberattack pathways

The advent of cloud and the move towards digital transformation have effectively broken traditional cybersecurity perimeters and made focusing defence efforts on keeping attackers out an unsuitable approach. Firms that don’t have a plan of action for when attackers breach the cyber-front line leave their network acutely vulnerable to attacks on business-critical data and applications.

According to a recent study of more than 600 security professionals by research firm Ponemon Institute, only 36 per cent of respondents believe they are able to detect and investigate attackers before serious damage occurs inside the network.

Once hackers have gained a foothold, they move laterally through the network on the search for high-value assets and increase their level of access in the process. Yet many businesses are still not fully prepared to combat this type of attack, despite the large amounts of money being invested in security technologies.

“Ensuring that attackers, once they’ve breached the perimeter, can’t move inside the network is critical,” explains Ofer Israeli, founder and chief executive of Illusive Networks, the leader in lateral movement detection and prevention.

“During normal use of the network, a company’s employees leave behind data – credentials and unintended connections between computers – that attackers use to move laterally. From a preventative standpoint, this material can be removed to limit the attacker’s options.”

Deception technology can be a highly efficient method of detecting attackers who rely on lateral movement techniques. As opposed to traditional cybersecurity approaches, deploying deception-based solutions brings the burden and battle to the intruder by forcing them to determine what is real and what is fake. At the first wrong move, they are detected.

Instead of creating models that look for tools and methods hackers have used in the past, deception creates a hostile environment, confusing the attacker and detecting the behaviour underlying lateral movement. This enables reliable detection, regardless of how the attackers’ tactics change over time.

Ensuring that attackers, once they’ve breached the perimeter, can’t move inside the network is critical

Deception solutions can, therefore, give dynamic organisations greater confidence in their ability to minimise cyber-risk, allowing executives to focus on their core business objectives. “Businesses can’t stop growing and innovating just because they’re afraid of security failures. Having the ability to expose and stop lateral movement gives leaders freedom to run their business without having to continuously consider cybersecurity,” says Mr Israeli.

Companies that don’t have visibility inside their networks and lack the capacity to limit severely the ability of attackers to move laterally will find themselves at high risk when their perimeter is breached.

Only 28 per cent of security professionals surveyed by Ponemon have the ability to detect accurately credentials that are improperly stored on systems.

“Lateral movement is a blind spot for many enterprises, but our Attack Surface Manager (ASM) solution provides visibility, automatically identifies hidden risks and removes keys that allow attackers to obtain essential assets,” says Mr Israeli.

The approach of Illusive Networks differs to that of other cybersecurity companies in its automation, simplicity and high-fidelity alerts. This solution doesn’t require continuous monitoring or management, but gives customers the confidence that when an attack happens, they are protected.

Illusive’s Pathway functionality shows defenders what options attackers can take to reach prized business-critical assets and helps security personnel remove excess or unauthorised paths without harming essential business connectivity.

By giving security teams the tools to handle the full life cycle of these challenges, Illusive Networks can assist firms in becoming better equipped to deal with cyberthreats. “We pre-empt, detect and respond to any lateral movement that occurs inside the network. This gives peace of mind to businesses knowing their most important data and systems are protected in a way that is simple, cost effective and scalable,” Mr Israeli concludes.

For more information, or to schedule a free Attack Risk Assessment, please visit go.illusivenetworks.com/times