Illusive Blog June 29, 2017

The Antwerp Diamond Heist - A Lesson Leading to Deception

By Beth Ruck

The Antwerp World Diamond Center (AWDC) heist is one of the most notorious robberies in history. The AWDC used elaborate security mechanisms to protect diamonds, including a private security force, a lock with 100 million possible combinations, infrared heat detectors, a seismic sensor, Doppler radar and a magnetic field. After planning an attack for four years, the thieves ultimately managed to breach every aspect of the preventive defense system. They made off with about $115 million in diamonds, limited not by the number of diamonds they could get their hands on, but by their physical ability to carry them all. 

Ofer Israeli, illusive networks’ CEO and founder, told this story at “Rethink Cyber: 8 talks, 8 minutes”, Team8’s opening event at the Cyber Week Conference, June 2017 Tel Aviv. He was among the top security leaders invited to present on innovations and trends shaping today’s approaches to cyber security. To challenge conventional thinking about cyber security, Ofer speculated: What if the thieves arrived at the Diamond Center and the elements within it were replicated a thousand times? They would not have been able to determine with certainty which security camera was truly operational, which floor housed the vaults, which vaults contained the diamonds, and so on. Their odds of finding the target would be vastly reduced; the attack would have been paralyzed.  

Like the diamond thieves, Ofer said, advanced cyber attackers carefully model the environment of their targets. Although it would likely be impossible to replicate physical elements in a physical environment such as AWDC, in the cyber realm, these deception tactics are possible.

rethink cyber - deception technology

Following Ofer’s presentation we presented a high-stakes game called Diamond Deceptions to illustrate one of the core concepts of deception technology. Hundreds of “diamonds” were mounted on a wall. The vast majority were deceptions – fake diamonds – but among them were three real gems. 

By injecting endpoints, networks, applications and data with fake information, illusive’s deception technology proactively lures, detects and stops attackers in their tracks – in real time. Unable to discern real from fake, the odds of an attacker finding a path to the real crown jewels is reduced to near zero. With a deception approach, defenders can proactively detect and combat so-called Advanced Persistent Threats, rather than reacting to an attack after the fact. To find out more about how deception can transform your ability to protect your prized assets, access our whitepaper “Deception – Attackers’ Achilles Heal”