How David Koretz Hoodwinks Hackers
Correction: Mykonos Software’s product aims to thwart website attacks using “intrusion deception,” not “intrusion detection.”
David Koretz didn’t know much about computer security until his company, BlueTie, which provides e-mail services for businesses, started getting hacked. Organized crime figures sought credit-card numbers. Jilted lovers searched for evidence of partners’ infidelities. Workers tried to sabotage their bosses’ files. “You have this weird amalgamation of all these different types of people that you can call hackers, but they all look very different,” Koretz says. “It turns out it’s incredibly hard to defend against an attacker that you don’t understand.”
Koretz, 33, is nothing if not resourceful: He started his first company when he was 14 and has acted as his own attorney to wiggle out of seven speeding violations. In 2009 he came up with an unorthodox approach to computer security and founded Mykonos Software. Koretz and his team have designed an “intrusion deception” software product that aims to thwart website attacks by setting traps to confound hackers.
The security software’s central aim is to slow adversaries down and make it too costly and time-consuming to continue their online assaults. Mykonos plants fake files on its customers’ websites to confuse intruders. The software can also flood hackers’ automated scanning programs with information about vulnerabilities on the customers’ sites that don’t actually exist. In either case, Koretz says, hackers might spend months chasing down leads that go nowhere, and eventually give up. “It’s akin to putting all of your data at the top of Mt. Everest,” he says. “There are always going to be people who can climb Everest, but doing it will be orders of magnitude more difficult.”
Mykonos provides security to magazine printer Brown Printing, as well as banks and government agencies. The software is popular because it empowers geeks to fight back. Once it spots hackers trying to infiltrate a client’s network, the program starts messing with the attackers’ PCs. One feature flashes maps of the hackers’ locations and recommendations for nearby defense attorneys. Another disrupts the attackers’ Internet connections so they have to perform their hack in slow motion. Yet another delivers a patronizing pop-up screen that offers the attackers hacking advice and consoles them for getting caught.
Mykonos’s techniques “will be a future element of all security platforms,” says Neil MacDonald, an analyst with Gartner. “Most security technologies today are focused on intrusion prevention—‘I’m going to keep the bad guys out.’ It’s important, but it’s not working 100 percent.”
One company that saw the potential was Juniper Networks, a computer-networking equipment maker, which bought Mykonos for $80 million in February. Koretz has decided to stay with Juniper, saying he wants to learn how large organizations work—and continue evangelizing for a hard-to-digest concept. “I don’t think perfect security is real,” he says. “What I want to do is build the biggest mountain I can.”