After Autonomy, Founder Mike Lynch Invests in a Honeypot for Hackers
Former Autonomy CEO Mike Lynch, who has been accused of misrepresenting financial results before his company was acquired, is re-emerging as a venture capitalist.
His $1 billion fund's first investment: Darktrace, which describes itself as a behavioral cyber defense platform that seeks to lay bait for hackers -- both those inside the company and from further afield -- to get them out in the open.
"The industry is still walking around in the 14th century, telling people to build their cities on hills with walls around them," Lynch said in an interview in West London. Darktrace is based on the concept that instead of attempting to keep hackers out, deal with the ones who are already inside your network.
Lynch is re-inventing himself following Autonomy's controversial acquisition by Hewlett-Packard for $11 billion in 2010. The purchase later contributed to an $8.8 billion writedown by HP and led to accusations by the Silicon Valley giant that managers of the U.K.-based company overstated revenue growth prior to the deal.
Lynch has denied those claims and said HP mishandled the purchase. The U.K. Serious Fraud Office and the U.S. Securities and Exchange Commission are investigating the allegations. HP has until January to complete an internal review of investors' security-fraud claims surrounding the deal for Autonomy, which makes data-analysis software.
With Darktrace, the company makes software that sits inside a company's computer network and learns about users' behavior. The program will know if certain employees typically go to particular websites or access specific kinds of data on the system. That way, an alarm won't go off when someone from marketing sends a promotional video to clients every month, but a big transfer of data from another employee will raise a red flag.
The software can also set traps for hackers by creating fake data and folders to lure them in. The system can then track the honeypot file and see where it's being accessed from and sent to, in order to find the intruder, Lynch said.
One firm using Darktrace caught "relatively honest" employees trying to find information on a celebrity client, Lynch said. The system knew that those employees shouldn't have access to that particular file and stopped them.
"You can assume you're already infiltrated, you can assume the threat comes from insiders," said Lynch. "The model of not interacting means that the company won't survive. You've got to have an immune system."
Lynch declined to name any Darktrace customers or say how much he'd contributed to the company beyond saying it fits within the policy of his firm, Invoke Capital, of investing up to $20 million in its startups.
--With reporting by Karen Gullo in San Francisco.