New software detects hackers

A study by the Ponemon Institute, a company specializing in personal data in the network, said that 93% of companies have been hacked at least once in the past two years and 70% of the network applications are not effective against attacks by hackers because they occur in real time.

Hector Leal, general manager ProtecktNet, company responsible for computer security, said the problem is that in Mexico, and Latin America, companies have developed portals without resistant source code.

This is why we created Mykonos, a software that “attempts to analyze what skills and how they were used to access the portal code in order to generate a hacker free digital DNA,” explained Leal.

Mykonos is developed so it detects the intruding hacker through a process called “Obstacle race”.

The program creates a replica code (a honeypot), which allows the hacker to interact thus analysing his/her capabilities and after that, depending on the established objective, be warned of the hack or have the hacker reported for his/her actions.

Kyle Adams, developer of Mykonos, explained that the purpose of this system is to see the type of penetration it is. “There are people who only seek to enter the enterprise network to demonstrate their skills and the more obstacles you establish, the harder they’ll try because it will be a challenge.” Adams explains that is in the case it’s an aggressive attack, the program offers malicious information to “frustrate the individual” and blocks the attacker, not the IP address as it is currently common practice to use proxies to disguise from where the hacker enters a site.

“This works on two levels: first place cookies on the computer of the intruder, and then it detects how the hacker is communicating with the site and how deep they can penetrate and then a pattern is established and a profile is assigned in case the intruder tries to enter from a different location or what their procedure is”.

Another feature is the location of “Zero-Day attacks”, ie entry methods that have not been detected yet, but the hacker invented and uses for the first time on a particular organization. All this is visible from the console interface that detects the number of active users on the portal and the amount of malicious activity, so that the system warns (with an announcement and a map of the location of the assault), or refuses access.

Hector Leal concluded by saying that this type of software is new in Mexico and Latin America and hopes it will be useful helping organizations identify vulnerabilities on their portals.

Enjoyed this post? Share it!