Moving Target Defense - An Unfair Advantage in Cyber Security

On January 5, 2018

The current game of hide-n-seek between the attackers and defenders in cybersecurity is unfair. The defenders plan the security architecture of an information security system, to prevent threats from attackers who have their own new and sometimes unpredictable ways of compromising a system. Speaking in technical terms, most of the current security systems are static in nature, hence giving the attackers the time to study a system, find its vulnerabilities, and plan an attack. They have an asymmetric advantage, which gives the security architects a hard time predicting a possible exploit.

So, what is the way out of this never-ending game? What if we make our security systems dynamic? What if we give the same asymmetric disadvantage to the attacker? Moving Target Defense systems is the solution we need. It is a whole new revolution in the field of cybersecurity. Instead of defending unchanging infrastructure by detecting, preventing, monitoring, tracking, or remedying threats, moving target defense dynamizes the attack surface and imposes uncertainty in attack reconnaissance and planning. A dynamic, moving target attack surface imposes asymmetric disadvantages on cyber opponents. It invalidates the collected information and thereby prevents the attacker from building a weaponized attack. This may not end the game but would surely throw the ball in the attacker’s court. Some of the developing moving target techniques are system randomization, bio-inspired moving target defense, dynamic network configurations, cloud-based moving target defense, and dynamic compilation.

Amongst the advantages of a moving target strategy, the first prominent advantage is that it frustrates the attacker. With a continuously and dynamically changing attack surface, the difficulty of the attack goes up with time. Attackers are forced to spend resources for monitoring and assessing a changing attack surface for an indefinitely long period.. Secondly, it can be a considerable advantage when an organization goes for scaling. In a static scenario, the expansion of an organization invites more attacks as there’s a greater possibility of a vulnerability left exposed. While in the case of a dynamic security system, the asymmetric disadvantage imposed on an attacker increases. Hence, moving target strategies increase system entropy and efficiency over time and scale.

Such systems also increase the worth of existing controls and methods since it uses orchestration techniques. Speaking in a simplified way, if an endpoint is exploited, shift the attack surface there, or if your cryptographic key is stolen, move your data and change the key. Keep in mind; we are not providing the attacker with some fake data as is done in Deception Technology. Instead, we are shifting around our real data. There’s a considerable decrease in the requirement of threat detection once moving target strategies are applied. In the static approach, we detect the threats (attacker) and work on mitigating them. Whereas in the dynamic approach, we focus on increasing the difficulty of the attack instead of finding the undetected attacker.

Moving target defense strategies are becoming pivotal in the cybersecurity domain. It has even adopted new cloud-based technologies like containers, infrastructure as a code, and orchestration. It has already started making a noticeable impact in both the private and government sectors. The thought of moving the asymmetric disadvantage from the side of the organizations to that of the attackers is a compelling motivation for development and research. It’s strengthening innovation and an embrace of the existing security technologies. As organizations are moving to cloud, newer ways of handling configuration management and security come along with the dynamic environment which cloud infrastructures provide.

It’s a perfect opportunity from a business perspective too. As this technology is evolving, it is becoming possible for even the smaller enterprises to leverage the benefits of moving target strategies into their security frameworks. It safeguards the data in untrusted networks and environments too. Hence security teams can convince the management to adopt this technology without breaking policies or compromising security standards. With Moving Target Defence Technology, Cybersecurity experts like Infopercept have an unfair advantage over the attackers and the tables are completely turned in favor of enterprises.

CISOs should really consider allocating a budget for moving target defenses in their organizations. It will be an opportunistic approach for private and government sectors to invest in this field if they want to become more proactive if compared to today’s reactive security posture. The advancement of moving target defenses will continue to grow, making more efficient, cost-effective and, scalable security systems by the alliance of researchers, experts and government support. This strategy will draw on to emerge as new tools, technologies and techniques come into existence that can support an effective moving target defense approach. Hence, preparing us against advanced threats and cyberattacks.

Infopercept has been at the forefront of technology innovation in the field of Cybersecurity. We help our clients to adapt to the latest technologies and our Security Optimization Center has been at the helm of creating paths for advanced defence systems against perceived threats. As a leading Managed Security Service Provider, Infopercept has the capabilities and proven experience in a dynamic and challenging Cybersecurity World.