Use their Weapons to Fight Hackers
2021-08-16
Peter Roth, CIO of ANASOFT
DECEPTION TOKEN TECHNOLOGY
To defend against computer criminals, you must think like them. Advanced threats require advanced solutions. Among these solutions are deception and the creation of tokens that snare malicious actors and enable faster detection of attacks. These technologies lure the criminal into a trap and significantly improve the security team's chances of discovering attacks quickly and reliably.
What is Deception Technology?
Deception technology, or trap technology, is an effective defensive approach that discovers threats in a timely manner, reduces false alarms, and causes minimal degradation of network capacity. The technology creates traps: realistic false assets such as domains, database accesses, servers, applications, files, user rights and others. They are placed in the network alongside legitimate assets. For the attacker there is no way to distinguish the false from the real. At the moment of interaction with a trap, a silent alarm is triggered while other security features collect information about the intrusion and the attacker's target.
Social engineering against the hackers
It is important that the firm has its own traps and false targets that can confuse the hacker in the network.
IT firms that provide detection technology services have their own know-how for dealing with attackers. The attackers' own weapon, social engineering, is often used against them: the traps are created in exactly the same way, to ensnare them.
Discover/Warn/Provide Data
Once the traps are installed, deception technologies immediately detect a hacker's suspicious activity in the critical system. On average it takes a company about half a year to discover a hacker. Well-placed deception technology can significantly speed up the discovery of the unwanted guest's presence.
Deception technology can report ongoing attacks through standard monitoring tools. Today the question is not whether the firm will suffer a cyber attack, but when.
Deception technology provides data for further investigation of the attack vectors.
Creation of Traps
The basis of deception technology is the creation of a “virtual minefield” consisting of thousands of attractive lures and false targets. These are the so-called tokens, which lure the attacker and in this way prevent attacks on the critical systems.
Traps need to have the following characteristics:
- Attractive to the hacker, so that they are used in the preliminary phase of the attack
- Totally passive
- Authentic-looking
- Not easily accessible to a typical user
- Not running as applications in RAM and not installed on the computer
- Leaving no indication of their existence on the computers.
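The detection side of such tokens, as an added example that is not part of the original article: because no legitimate user or process touches a decoy, any log event that names one is treated as an alarm. The decoy names, addresses and the key=value log format are constructed for illustration.

```python
"""Added example: silent alarm on any interaction with a planted decoy token."""
import re
from collections import defaultdict

# Constructed decoy inventory: assets that no legitimate user or process uses.
DECOYS = {
    "user": {"svc_backup_adm"},
    "file": {r"\\fs01\finance\passwords_2021.xlsx"},
    "db":   {"hr-archive-db.corp.example"},
}

# Constructed log lines in a simple key=value format (an assumption, not a real product's format).
SAMPLE_LOG = r"""
2021-08-16T09:12:01Z src=10.0.4.17 action=login user=jnovak result=ok
2021-08-16T09:14:45Z src=10.0.4.23 action=file_open user=mkral file=\\fs01\finance\q2_report.xlsx
2021-08-16T09:20:13Z src=10.0.7.88 action=file_open user=jnovak file=\\fs01\finance\passwords_2021.xlsx
2021-08-16T09:21:02Z src=10.0.7.88 action=login user=svc_backup_adm result=fail
2021-08-16T09:25:40Z src=10.0.7.88 action=db_connect user=svc_backup_adm db=hr-archive-db.corp.example
""".strip().splitlines()

FIELD = re.compile(r"(\w+)=(\S+)")

def parse(line):
    """Split one log line into a timestamp and a dict of its key=value fields."""
    ts, _, rest = line.partition(" ")
    return ts, dict(FIELD.findall(rest))

def detect(lines, decoys=DECOYS):
    """Return one alert per event that references a decoy; legitimate assets never match."""
    alerts = []
    for line in lines:
        ts, ev = parse(line)
        hits = sorted(f"{k}:{ev[k]}" for k in decoys if ev.get(k) in decoys[k])
        if hits:  # a failed attempt still counts: nobody should know the decoy exists
            alerts.append({"time": ts, "src": ev.get("src"),
                           "action": ev.get("action"), "tokens": hits})
    return alerts

def by_source(alerts):
    """Group touched decoys per source address, as a starting point for investigation."""
    out = defaultdict(set)
    for a in alerts:
        out[a["src"]].update(a["tokens"])
    return dict(out)

if __name__ == "__main__":
    for alert in detect(SAMPLE_LOG):
        print(alert)
```

The two ordinary events produce no alert, while the three events from one source that touch decoys are grouped for follow-up.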
Who Should Use Deception Technology?
It is known that the number of cyber-attacks increases every year, and most of them go unnoticed by the companies affected. Deception technology is used by the largest and most security-sophisticated organizations. Increasingly, even smaller firms recognize the risks associated with such attacks and therefore find the technology attractive.
Benefits of Use
Improved threat detection makes it clear that an attacker is in the network. Deception technology is invisible to the attacker, who can neither detect the traps nor react to them. The traps in use are based on real activity, which reduces the number of false alarms. Well-placed traps warn about suspicious activity immediately, which reduces the damage caused by the attack. The information the traps generate about the attack is highly credible and gives security teams the opportunity, in real time, to prepare defensive scripts.