Dummy Network Could Protect Against Hackers
Tech startup Attivo Networks specialises in creating a complete “site of deception” inside a network. This "dummy" duplicate network has the physical signature of the real network, so that is where attacks go while the real network remains secured, explains the company's CEO, Tushar Kothari.
Attivo's solution inserts itself in multiple places across the network and uses advanced dynamic luring to purposely attract the attack. “Once malware is in, it needs to be detected as soon as possible before data is breached,” Kothari says. "We let them attack for a while to assess the threat and use the signature to prevent future attacks.”
The solution is easy to set up. The vendor typically plugs into a vLAN trunk port and acquires unused IP addresses in every subnet it is trying to monitor. Those IP addresses are sent to Attivo's engagement servers and assigned to the vendor's operating systems and servers.
The solution is now used by about 20 clients across different industries including healthcare, according to the company, which caters primarily to large organisations.
In a recent KPMG survey, 81 percent of healthcare executives say their information technology has been compromised by cyberattacks during the past two years. In addition, only half of those executives say they are ready to defend against future attacks.
Compared with previous KPMG polls, the new survey showed that the number of attacks on healthcare IT systems has increased, with 13 percent of respondents saying they are targeted by external hack attempts about once a day.
"More concerning, 16 percent of healthcare organisations said they cannot detect in real time if their systems are compromised," KPMG said.
Source: Attivo Networks
Image credit: Flickr.com
Published on : Sat, 12 Sep 2015