Biblio
This article talks about online deception, deception to them is considered as a deliberate act with the intent to mislead others while the recipients are not made aware or expect that such an act is taking place and that the goal of the deceiver is to transfer that false belief to the deceived ones. Understanding how online deception works through social media and future technologies remains a significant challenge. To address this challenge one needs to design social media applications with various rules and norms that our traditional physical space does not have.
It was concluded that deception technology is a beneficial extension for traditional IT- security. Emphasis was placed on requirement categories, such as psychological, formal, legal and ethical, as well as on recent trends, such as VMI and the field of industrial and critical infrastructure security.
In cybersecurity, deception is redundant if it cannot misdirect, confuse, and lure attackers into traps and dead-ends. It is the art of tricking attackers into overextending and exposing themselves. To deceive attackers, an organization’s security team must see things from the adversary’s perspective.
Virtualizations, machine learning and other technologies have allowed individuals to scale and solve the problem of managing these deception decoys. Virtualization, machine learning, and other technologies have been the shift as to why one can now operationalize deception in their environment, as opposed to earlier, where one could do it, but it was a real challenge to keep up with.
This article talks about the pros and cons of using deception technology. Deception technology can be useful for detecting an intruder before a breach happens, but it is not a set-it-and-forget-it purchase.
In addition to luring attackers away from your real assets, deception tools trick attackers into revealing their hands early. With deception systems, there is no question of false positives and false alerts.
It must be said that not all deception technology is equal. There are many different approaches to the steps required to identify threat actors, and through the use of deception, prevent a breach by moving them out of the production environment and into the deception platform
The effective deployment of deception technology still requires the fundamentals foundations of cybersecurity to be in place. Without network segmentation, proper access control, security systems and reporting – deception technology alone will add little value.
Due to the increase in use of automation and virtualization, deception technology may make inroads into healthcare. This article is about one pharmaceutical company's approach to using the deception technology.
Enterprises and their Security Operations Centers (SOCs) are under siege. Security events are being triggered from all corners of the security stack – from the firewall, endpoints, and servers, from intrusion detection systems and other security solutions.
Here are the five ways deception tech is disrupting cybersecurity:
• Maximum accuracy with minimal human investment
• Get personal with your business
• Ensure a post-breach defense for any type of attack
• Triggers threat hunting operations
• Empowers organizations towards strategy and active defense
Deception technology gives defenders a rare advantage against attackers by doing something that other forms of cybersecurity don’t, it provides early and accurate detection by laying a minefield of attractive decoy systems and content to trip up attackers.
New deception technologies bring a heightened level of aggressiveness in addressing cyberattacks. Dynamic deception steps in, when prevention systems fail, and provides organizations with an efficient way to continuously detect intrusions with high interaction traps, engagement servers, and luring techniques to engage attackers. It does this without requiring additional IT staff to manage the solution.
Defense through deception can potentially level the cyber battlefield by altering an enemy’s perception of reality through delays and disinformation which can reveal attack methods and provide the attributions needed to identify the adversary’s strategy
Deception technologies such as honeypots are becoming increasingly popular with enterprises as the products get more flexible and the tools allow security analysts swamped with incident reports to zero in on cases of actual ongoing infiltration. According to a report released in August by research firm Technavio, the deception technology market is growing at a compound annual growth rate of 9 percent, and is predicted to reach $1.33 billion by 2020.
This article is the second in a five-part series being developed by Dr. Edward Amoroso in conjunction with the deception technology team from Attivo Networks. The article provides an overview of the central role that authenticity plays in the establishment of deception as a practical defense and cyber risk reduction measure.
The primary functional computing requirements for achieving authenticity in deployed deception can be listed as follows: Interface, Performance, Content, Access, and Behavior.
Deception technology is an outside-the-box cybersecurity approach that aims to turn the current paradigm on its head – from reactionary to proactive defense.Traditional, signature-based security measures continue to fall prey to sophisticated zero-day attacks and advanced persistent threats, despite the fact that companies are spending upwards of $3 million per year on information security. It’s time for organizations to get proactive, and use deception technology to enhance the way they architect a comprehensive security strategy. The article presents 4 Things Every CISO Must Know About Deception Cybersecurity.
The aim of deception technology is to prevent a cybercriminal that has managed to infiltrate a network from doing any significant damage. The technology works by generating traps or deception decoys that mimic legitimate technology assets throughout the infrastructure.
The Deception technology enhances both Network and Cyber Security into a more effective security strategy by reducing the false positives, profiling the attack, attacker and the ways of attack.
The evolution of modern enterprise networking has progressed to the point where two conditions make deception an important and urgent control to introduce to a target environment now: Inevitability of attacks and Context-awareness of attacks.
Deception technology is used to lure, detect and defend against attacks. Deception technology should be used within organizations. There are five ways that deception technology is changing the cyber security landscape.
Sandia National Laboratory’s virtual cybersecurity sandbox environment, called HADES (High fidelity Adaptive Deception & Emulation System), applies deceptive techniques. HADES lures hackers into the simulated virtual environment, which includes replicated virtual real hard drives, memory, and data sets. Sandia analysts can then analyze the hackers in real-time.
Usage of virtual machines is one of the ways in which cyber deception is enabled. TrapX Security’s DeceptionGrid solution make uses of virtual machines to lure and trap attackers. Within the virtual environment, an attacker’s actions and techniques can be further analyzed and used to defend against them.
Hackers often perform deception through the use of false flag operations. False flags allow nation-state actors to pose as others in order to further complicate attribution. Russian hackers planted destructive malware, called the "Olympic Destroyer", which contained code deriving from other well-known attacks launched by different hacking groups. This discovery highlights the evolution of deceptive tactics used by hackers.