decrypting myths

Using deception techniques to outmanoeuvre attackers

Throughout history, deception has been a key strategy in military operations and is now being applied in a cybersecurity context to not only outmanoeuvre attackers but also gain valuable information on their methods and targets. Carolyn Crandall, Chief Deception Officer at Attivo Networks, talks to us about how deception technology can help enterprises even the playing field of cyberwarfare with a proactive approach to security.

www.intelligentciso.com | Issue 13

Cybersecurity is an extremely fast-moving field, with new discoveries on both the offensive and defensive sides constantly changing the rules of the game. One constant, however, is the use of deception.

The use of deception as a technique to overcome one’s adversary is not new and has been an important tactic in winning physical conflicts since ancient times. The use of false information, feints and decoys has often provided an army with a powerful opportunity to outmanoeuvre and overpower the opposing force. Examples in modern conflicts include the use of fake tank battalions and facades of entire villages during World War II.

Most attacks begin with the use of deceptive techniques to acquire key information or gain a foothold in the target’s network. Social engineering methods such as phishing emails are the weapon of choice for tricking victims into sharing their login credentials or downloading malware. Aside from fooling human users, the attacker will also need to deceive the network itself, and its protectors, into accepting them as a legitimate user once they have found a way in.

A one-sided conflict

While deception in physical conflict has often been an equal opportunity affair, in cyberwarfare the strategy has traditionally only been used by the attacking side. Cybercriminals have a serious advantage over their targets as they are able to hide in plain sight and take their time researching and planning their attack. In this way, organisations are tricked into believing what is fake is real, not only in phishing expeditions but also when attackers masquerade as legitimate employees.

Meanwhile, organisations are reliant on reactive security controls that postpone any response until after the attack is already in motion. Often too late to