
Cyber Defense - Deception Technology as a Tool to Counter Cyber Threat

On August 14, 2020

In Sun Tzu's inimitable Art of War, he observes, "All warfare is based on deception. Hence, when we are able to attack, we must seem unable; when using our forces, we must appear inactive; when we are near, we must make the enemy believe we are far away; when far away, we must make him believe we are near." Deception plays a very significant role in the world of war.

Today, deception has become a basic component of political and military conflict. Armies and politicians use it constantly and effectively, almost every day, to create a distraction and gain an advantage over their enemies or opposition. It is a form of concealment: an activity designed to mislead, and one that is universal in nature. And when it comes to cyber-warfare, the art of war is the art of deception.

Deception occurs more in cyber-warfare than in any other field. The reason could be the ease of impersonation in a virtual world. People do it on the Internet very extensively, be it intentional or unintentional. And since impersonation on the internet is easy, many hackers exploit it.

Types of impersonation:

Phishing:
It is a particularly dangerous kind of impersonation for social engineering that has increased recently in frequency and severity. Here, a perpetrator sends an email to a large group of potential targets, urging them to visit a website with a familiar-sounding name to resolve a bogus issue. For example, a fake email from "PayPal, Inc" may state that "Security updates require you to re-enter your user name and password." The information provided by the victim is then used to commit identity theft or enable espionage.

Spear Phishing:
It is similar to phishing, except that in this case the attacker targets individuals rather than a mass audience, and the message is usually more customized. The hacker finds out personal information about the user and uses it in the email to make it appear more authentic.

Whaling:
Another example is Business Email Compromise (BEC) email fraud, also known as "CEO Fraud" or "Whaling". It has become a major financial cyber threat, affecting businesses of all sizes globally. In such attacks, the targets are usually high-profile employees such as a CEO or a CFO, and the aim is to steal sensitive information. Email fraud can take the form of a "con game" or scam, as it provides lucrative business for cybercriminals and internet con artists.

So, what can be the solution to this problem? Something that can beat attackers at their own game. The answer could lie in deception itself.

Solution: Turning deception into a weapon - Using Deception Technology
The idea behind deception technology is to prevent cybercriminals from doing significant damage. It works by running decoys in a real or virtual operating system to trick the fraudsters into thinking they have breached the security systems.
Distributed deception platforms have grown well beyond basic honeypot trapping techniques and are designed for high-interaction deceptions, early detection, and analysis of attackers' lateral movement. Apart from this, the platforms give security teams an upper hand by changing the asymmetry of an attack. They force the perpetrator to be on their toes and constantly vigilant, lest their presence in the system be revealed.

Pros of Deception Technology:

  • Reduced risk:
    It is true that no security solution can stop all attacks from occurring on a network, but deception technology gives attackers a false sense of security by making them believe they have gained a foothold on your network, whereas in reality their progress is almost nil. Moreover, because their movements are closely monitored and recorded, that knowledge is used to further secure the network. It is a low-risk methodology: it poses no risk to data, has no impact on resources or operations, and also reduces the noise. It also makes it easy to deploy solutions for detecting and responding to threats, which is important in this age of staff shortages. So, low risks and great results, a near-perfect solution.
  • Automated Alerts:
    Another great advantage of deception technology is automated alerts. The threat to corporate networks is always on the rise, but the budget to handle the deluge of new threats is rarely increased. With automated alerts, manual effort and intervention can be eliminated. Deception technology is also designed in a manner that allows it to be scaled easily as the organization and the threat level grow.
  • Reduced complacency of the IT workforce:
    IT teams are sometimes overwhelmed by the amount of data to be analyzed and constantly checked for breaches. This can lead to a number of false positives and to alert fatigue, which in turn can make them complacent and cause them to ignore a real threat. When a hacker attempts to access the deception layer, however, a real alert is sounded, enabling the admin to take care of it.
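The low-noise alerting and lateral-movement analysis described above can be shown with a small triage routine. This is an added example, not code from the article or from any vendor; the decoy names, event format and addresses are constructed assumptions.

```python
import json
from collections import defaultdict

# Assumption: constructed decoy inventory. No real user or service is ever
# given these names, so any event that references one is an alert.
DECOY_ACCOUNTS = {"svc_backup_old", "adm_finance"}
DECOY_HOSTS = {"fs-archive-02", "hr-db-legacy"}

# Constructed authentication events, one JSON object per line.
SAMPLE_EVENTS = """
{"ts": "2020-08-14T09:01:10", "src": "10.0.4.23", "user": "alice", "host": "mail-01", "ok": true}
{"ts": "2020-08-14T09:02:41", "src": "10.0.4.31", "user": "bob", "host": "fs-01", "ok": false}
{"ts": "2020-08-14T09:05:02", "src": "10.0.7.88", "user": "jsmith", "host": "app-03", "ok": true}
{"ts": "2020-08-14T09:07:15", "src": "10.0.7.88", "user": "svc_backup_old", "host": "fs-01", "ok": false}
{"ts": "2020-08-14T09:07:59", "src": "10.0.7.88", "user": "jsmith", "host": "hr-db-legacy", "ok": false}
{"ts": "2020-08-14T09:09:30", "src": "10.0.7.88", "user": "jsmith", "host": "fs-01", "ok": true}
"""

def triage(log_text):
    """Return (alerts, scope): decoy hits, and real hosts each flagged source touched."""
    events = [json.loads(line) for line in log_text.splitlines() if line.strip()]
    events.sort(key=lambda e: e["ts"])  # ISO 8601 strings sort chronologically
    alerts = []
    for e in events:
        reasons = []
        if e["user"] in DECOY_ACCOUNTS:
            reasons.append("decoy account")
        if e["host"] in DECOY_HOSTS:
            reasons.append("decoy host")
        if reasons:
            alerts.append({"ts": e["ts"], "src": e["src"], "reasons": reasons})
    flagged = {a["src"] for a in alerts}
    # A decoy hit taints the source: list every real host it reached, before
    # or after the hit, so responders know where to look for lateral movement.
    scope = defaultdict(set)
    for e in events:
        if e["src"] in flagged and e["host"] not in DECOY_HOSTS:
            scope[e["src"]].add(e["host"])
    return alerts, {src: sorted(hosts) for src, hosts in scope.items()}

if __name__ == "__main__":
    alerts, scope = triage(SAMPLE_EVENTS)
    for a in alerts:
        print(a["ts"], a["src"], ", ".join(a["reasons"]))
    print(scope)
```

The ordinary failed login from 10.0.4.31 raises nothing; only the two decoy touches alert, and both point at the same source.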

Use of Deception Technology in preventing email frauds:

Now, let's come back to the email frauds and how advanced deception can be used to protect an organisation or an individual from email frauds.

The enormity of business loss in terms of statistics:

According to the FBI, BEC scams account for more than $700 million in worldwide business losses each month, though other email attacks come with pretty big price tags of their own. And as per email fraud statistics, 76% of businesses reported being a victim of a phishing attack in the last year and 15% of people successfully phished will be targeted at least one more time within the year. According to Juniper Research, the estimated business losses from data breaches, which nearly always begin with a phishing email, led to more than $3 trillion in worldwide losses this past year.

The evolving and dynamic face of the attacks:

Phishing and email attacks are not only increasing as more of our lives and data are stored online; they are also evolving. It is clear that the stakes are enormous. Deception techniques can be used in many ways: with the help of deception tools, security teams can find the attack patterns and the information being targeted.

This information is further used to automate the alerts when similar activities are encountered later down the line. As of now, some common attributes found in BEC attacks are spoofed BEC messages, Executive Name forgery, use of attachments, BEC encoded messages, etc., and these attributes have been found with the help of the advanced deception techniques.
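Checks for some of the attributes listed above (executive name forgery, a spoofed sender, use of attachments) can be automated against message headers. The following is an added example, not the article's or any product's code; the protected domain, executive names, sample messages and the use of a Reply-To domain mismatch as the spoofing signal are all assumptions.

```python
from email import message_from_string, policy
from email.message import EmailMessage
from email.utils import parseaddr

ORG_DOMAIN = "example.com"              # assumption: the protected domain
EXECUTIVES = {"jane doe", "raj patel"}  # assumption: constructed names

def _domain(header_value):
    """Lower-cased domain of the address in a From/Reply-To header value."""
    addr = parseaddr(header_value)[1]
    return addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""

def bec_indicators(raw):
    """Return the BEC attributes found in one raw RFC 5322 message."""
    msg = message_from_string(raw, policy=policy.default)
    sender = str(msg.get("From", ""))
    display = " ".join(parseaddr(sender)[0].lower().split())
    found = []
    # An executive's display name on an address outside the organisation.
    if display in EXECUTIVES and _domain(sender) != ORG_DOMAIN:
        found.append("executive name forgery")
    # Replies silently redirected to a different domain than the sender's.
    reply_to = str(msg.get("Reply-To", ""))
    if reply_to and _domain(reply_to) != _domain(sender):
        found.append("reply-to mismatch")
    if any(True for _ in msg.iter_attachments()):
        found.append("attachment")
    return found

def _sample(sender, reply_to=None, attach=False):
    """Build a constructed test message and return it as raw text."""
    m = EmailMessage()
    m["From"], m["To"], m["Subject"] = sender, "cfo@example.com", "Urgent wire transfer"
    if reply_to:
        m["Reply-To"] = reply_to
    m.set_content("Please process today.")
    if attach:
        m.add_attachment(b"%PDF-1.4 constructed", maintype="application",
                         subtype="pdf", filename="invoice.pdf")
    return m.as_string()

FORGED = _sample('"Jane Doe" <jane.doe@examp1e-mail.test>',
                 reply_to="payments@other.test", attach=True)
GENUINE = _sample('"Jane Doe" <jane.doe@example.com>')

if __name__ == "__main__":
    print(bec_indicators(FORGED))
    print(bec_indicators(GENUINE))
```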

Though only available to a select part of the cyber world, these techniques are on their way to becoming the norm. They are expected to be adopted extensively by more corporate organizations to make their systems more secure and trustworthy. Advanced deception technology is the future for a safe and secure cyber network.

Infopercept understands an organization's needs for high security and safety of its IT infrastructure. When there are billions at stake not only in terms of money but also sensitive information, it is but natural to opt for the best in this field.

Infopercept stays ahead of the game as far as cyber defense is concerned. The SOC (Security Optimization Center) team comprises top professionals in the field along with cyber security experts. They work round the clock to ensure the safety of your networks. Prevention is the key. By using cyber deception technology, the defense experts mimic the environment, confusing the hacker and thus preventing him from causing any real damage.