Illusive’s ‘road to nowhere’ security approach a hit with investors

Illusive’s ‘road to nowhere’ security approach a hit with investors

Israeli cyber-security firm’s solution – letting hackers chase their own tails – gets second major investment in 4 months

A cyber-security firm that defends systems by taking hackers down a road leading nowhere has scored a second funding round in four months.

Illusive Networks announced Tuesday that it had taken in $22 million in a Series B round of funding led by new investor New Enterprise Associates, one of the world’s largest and most active venture capital firms.

That investment followed one in June, led by Team8, which is backed by Google co-founder Eric Schmidt, who praised Illusive’s “game changing, out of the box approach” to cyber-security. The business world is under cyber siege, with cyber attacks dominating headlines.” said Schmidt. “It is critical that we support innovative startups developing creative and disruptive solutions to these threats. Illusive Networks is a perfect example of the kind of ‘out of the box’ thinking necessary to challenge the growing threat of targeted attacks.”

Unlike other cyber-security solutions, Illusive doesn’t try to protect a system from hackers. According to company CEO Shlomo Touboul, it’s pretty much a given that a determined hacker will eventually be able to breach cyber-defenses. To break into a network, hackers often use phishing techniques to fool low-level employees into giving up their logins and passwords. But a low-level employee is not going to have access to the high-level data (like credit card numbers) the hackers want. So, said Touboul, once they “land” on a network they move onto the next step of their plan – gaining access to the secure servers where the real data they want is stored.

(L to R) Shlomo Touboul, Eric Schmidt, and Ofer Israeli cut the cake celebrating the official launch of Illusive in Tel Aviv, June 8, 2015 (Illusive Networks)
(L to R) Shlomo Touboul, Eric Schmidt, and Ofer Israeli cut the cake celebrating the official launch of Illusive in Tel Aviv, June 8, 2015 (Illusive Networks)

For security officers to rely on workers following instructions on ways to keep hackers at bay is risky, said Touboul. “Humans have weaknesses and they make mistakes, and you can’t count on people to do everything they are supposed to in order to keep hackers out, like not click on suspicious-looking links and the like.”

Once they’re in the network, hackers can do pretty much what they want – and what they want is sensitive information in secure files, such as passwords, sensitive communications, bank and financial data, and more. Once a system is compromised, hackers can keep sending in new agents to search for this information, counting on the likelihood that it will probably be a long time before anyone notices their presence.

But what if the hacker was to access phony files with nonsense data – or, even better, login information that will place them on a server that has nothing but more phony data for them to root around in? That is exactly what lIlusive does, said Touboul.

“As successful attackers move towards their target, they rely on one simple fact – that the data they collect is accurate,” said Touboul. “We tamper with that data and create an environment where attackers can’t rely on the information they gather. If the information is unreliable, the attack cannot move forward.”

In fact, if Sony and Target – both victims of huge hack attacks over the past year – had been using Illusive, “those attacks could have been prevented, said Touboul. “Today’s headlines confirm the need for a completely new approach to stopping cyber attackers. Illusive networks creates a hall of mirrors where attackers can no longer determine what’s real and what’s false. Two funding rounds in a four-month timespan demonstrate the confidence prominent investors have in the superiority of our approach.”

Launched less than a half year ago, Illusive’s approach has caught on like wildfire. The solution is deployed across dozens of leading financial institutions, insurance, retailers, law firms, healthcare providers, energy and telecommunication companies in the United States, Europe, and the Middle East.

Illusive’s “detection by deception” technology has identified numerous advanced targeted attacks that went undetected by other solutions, thereby securing its customers’ networks from Advanced Persistent Threats (APT), added Touboul.

“Established security approaches, such as perimeter defense and old school honeypots, are failing to protect networks,” said Kittu Kolluri, general partner at New Enterprise Associates, and the latest member of Illusive’s board of directors. “Illusive has a uniquely innovative vision, scalable architecture, and some of the best security DNA out there. We are thrilled to partner with the team to take deception-based technology to the next level.”

Join us!
A message from the Editor of Times of Israel
David Horovitz

The Times of Israel covers one of the most complicated, and contentious, parts of the world. Determined to keep readers fully informed and enable them to form and flesh out their own opinions, The Times of Israel has gradually established itself as the leading source of independent and fair-minded journalism on Israel, the region and the Jewish world.

We've achieved this by investing ever-greater resources in our journalism while keeping all of the content on our site free.

Unlike many other news sites, we have not put up a paywall. But we would like to invite readers who can afford to do so, and for whom The Times of Israel has become important, to help support our journalism by joining The Times of Israel Community. Join now and for as little as $6 a month you can both help ensure our ongoing investment in quality journalism, and enjoy special status and benefits as a Times of Israel Community member.

Become a member of The Times of Israel Community
read more: