The hackers, hacked

Israeli company SenseCy fights cyber security with Avatars


In a quiet corner of an Israeli farming village, Tanya sits at her computer and chats online with some of the most skilled hackers in cyber space. Some are just having fun; others are planning heists of credit card details or denial-of-service attacks that would cripple targeted websites.

None of them knows who they are talking to, or indeed that they are all interacting with the same person – Tanya juggles more than 20 different identities and screen names, each with its own avatar, full background history and social media accounts.Welcome to the world of the modern-day corporate cyber spy.

Tanya (who declined to disclose her last name) works for SenseCy, an Israeli cyber intelligence service that aims to use old-school spy tactics to unearth – and warn clients about – cyber attacks before they happen. By engaging with the hackers on their own turf Tanya learns who will be targeted next, and how.

SenseCy is part of a new generation of cyber security companies that have risen in the past few years to challenge incumbents such as Intel Security, formerly McAfee, that are best known for their PC antivirus software.

Cyber attacks are rising, up 14 per cent last year, according to data from Cisco, and boardrooms are getting increasingly worried about the potential threats to their business, after a Russian teenager was linked with the theft of over 70,000 customer details from Target, the US retailer.

The new generation of cyber security companies is growing in clusters in Silicon Valley, Washington DC and Atlanta but Israel is making headway: a quarter of all venture capital funded cyber security start-ups are headquartered in the country, according to research firm PrivCo.

Instead of using firewalls or other automated cyber defences, SenseCy and its rivals CrowdStrike and iSight Partners, which work with the Federal Bureau of Investigation and the National Security Agency, run private intelligence services that serve as aproactive form of cyber security.

In December 2013, Tanya and her colleagues heard the first stirrings of a cyber attack codenamed #OpIsrael planned for April this year by AnonGhost, a Tunisian hacktivist group. In closed forums, AnonGhost provided supporters with a target list and attack tools, including a self-developed malware called AnonGhost DdoSer.Since SenseCy’s operatives were already inside the loop, they were able to download and analyse the malware when AnonGhost released it. The information was passed to clients on the target list, enabling them to reconfigure their cyber defences and repel the attack.

“We collect data about cyber threats and send that data analysed to our clients,” says Assaf Keren, vice-president of Cyber Solutions at SenseCy and the former head of the Israeli government’s cyber security unit. “We have a very large capacity and methodology in how to go online and find information which is available on the internet but not available to somebody just googling ‘cyber threats’.

”“We do something called ‘virtual humint’ [human intelligence]. We operate avatars or characters using our analysts. We create content and a personality and put them inside the areas which are interesting,” he says.

Financial Times, May 20, 2014 – By Matthew Kalman in Bnei Zion, Israel



Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s