A new breed of internet-security firms are encouraging companies to fight back against computer hackers
Source Link:
http://www.economist.com/news/business/21583251-new-breed-internet-security-firms-are-encouraging-companies-fight-back-against-computer
“IF SOMEONE is shooting at you, the last thing you should focus on is the calibre of the bullet,” says George Kurtz, the boss of CrowdStrike, a young tech company. Seated at a coffee table at Black Hat, a conference for the cyber-security industry held in Las Vegas recently, Mr Kurtz is expounding on the fundamental flaw he sees in the way many firms deal with cyber-intrusions. Most, he says, spend too much time trying to work out what hit them and far too little trying to understand the motivations of their attackers and how to counter future assaults.
CrowdStrike is a vocal advocate of “active defence” technologies that are generating much buzz in the cyber-security world. Their proponents argue that those who think firewalls, antivirus programmes and other security software are enough to keep their networks safe are kidding themselves. Instead, companies should work on the assumption that their systems have been breached, and take the fight to the hackers. The methods they prescribe include planting false information on their systems to mislead data thieves, and creating “honeypot” servers, decoys that gather information about intruders.
There are worries that such talk of active defence may encourage companies to go further, and “hack back” at their tormentors, even though many countries have laws that forbid such activity. In a survey of 181 delegates at last year’s Black Hat event, just over a third said they had already engaged in some form of retaliation against hackers.
Concerns about cyber-vigilantism have not deterred financiers from investing in tech firms that see active defence as a money-spinning opportunity. Take the case of Endgame, a secretive outfit that is adapting technology developed for intelligence agencies for commercial use. In March it raised $23m in a second round of funding and added Kenneth Minihan, a former director of America’s National Security Agency, to its board. Endgame has reportedly developed a system called “Bonesaw” that detects which software is being used by devices connected to the web. This could be used defensively by companies to detect vulnerabilities on their own devices, but could also be used to spot them on someone else’s.
