Use their Weapons to Fight Hackers


Peter Roth, CIO of ANASOFT


To defend against computer criminals you must think like them. Advanced threats require advanced solutions. Among the solutions are deception and creation of tokens to grab harmful actors that enable faster detection of attacks.  Those technologies can lure the criminal to be caught in a trap and significantly enhance the chance of security teams to the fast and secure discovery of attacks.

What is Deception Technology?

Deception technology or technology of traps is an effective approach to defensive systems which discover threats timely by reducing false alarms with a minimal degradation of the network capacity.   This technology create traps – realistically created false assets such as domains, accesses to databases, servers, applications, files, user rights and others. They are placed in a network along with legitimate assets. For the attacker there is no way to distinguish between the false and the real. At the moment of the interaction with the trap a quiet alarm is started while other security features collect information of the invasion and the target of the attacker.

Social engineering against the hackers

It is important that the firm has its own traps and false targets that can confuse the hacker in the network.

IT firms that provide technology detection services have their know-how of how to deal with attackers. Against them is often used their own weapon, namely social engineering. Exactly same  way are the traps created to ensnare them. 

Discover/Warn/Provide Data

Deception technologies, after the installation of traps, immediately detect suspicious activities of the hacker in the critical system. It takes about one half of the year on the average to discover a hacker by the company. Well placed deception technology can significantly speed up the presence of the unwanted guest.

Deception technology is capable to inform about current security attacks through standard monitoring tools. At this time the question is not whether the firm will be cybernetically attacked but when.

Deception technology provides data for further investigation of the attack vectors.

Creation of Traps

The basis of the deception technology is the creation of the “virtual minefield” consisting of thousands of attractive lures and false targets. These are the so called tokens which lure the attacker and this way prevent attacks on the critical systems.  

Traps need to fulfil the following characteristics:

  • Attractive to the hacker in order to be used in the preliminary phase of the attack
  • Totally passive
  • Looking authentic
  • Typical user cannot have a simple access
  • The applications are not processing in the RAM or are installed at the computer
  • The computers lack indication of the tokens’ existence.

Who Should Use Deception Technology?

It is known that the number of cyber-attacks increase every year, most of them are unknown to the companies affected. Deception technology is utilized by the biggest and security sophisticated organizations. Increasingly, even smaller firms realize the risks associated with such attacks and therefore, consider such technology attractive. 

Benefits of Use

Increased detection of threats clearly recognize that the attacker is in the network. Deception technology is invisible to the attacker and the traps cannot be detected and reacted to. Utilized traps are based on real activity which reduces the number of false alarms. Well placed traps immediately warn about suspicious activity. This reduces the damage caused by the attack.  Traps generated in this fashion   about the attack have a large degree of believability and provide in real time to security teams opportunities for preparation of defensive scripts.


Digital profile of the organization.

The digital era brings opportunities as well as threats. and not only in the ordinary digital life of individual users, but in the digital presentation of business entities.

Is personal data protection still topical?

Personal data protection is still topical, especially in relation to its implementation in the processes of companies and organizations. 

Password as the First Instance of Protection

Did you know that every 39 seconds a hacker attack takes place, over 2,600 personal records are stolen every minute and that cybercriminals make more money than the trade in drugs?