decrypting myths
movement, revealing
tactics, techniques
and procedures
(TTPs), and gathering
indicators of compromise
(IoCs), security teams can
confidently eradicate threats
and prepare proactive defences
against future threats.
Turning a cybercriminal’s own
deceptive techniques against them
with realistic decoy environments
and assets will provide a unique and
powerful opportunity for organisations
to shift power away from the
attackers. Would-be intruders will find
themselves lost in a confusing maze
of false assets, while the defenders
gain the upper-hand with valuable
insights for building a pre-emptive
defence and for fortifying their
prevention controls. u
false starts will cause the intruder to
waste precious time and impact the
economics of their attack.
A full distributed deception platform
offers much more than a confusing
house of mirrors to detect attackers
early. It also reduces the attack surface
by providing visibility into attack paths
and exposures that could be exploited to
advance the attacks. The security team
can now predict the paths an attacker
will take and can actively shut these
down and obfuscate attack surfaces to
dramatically reduce the chances of the
adversary’s success. More opportunistic
attackers will often cut their losses in
the face of such resistance and give up,
seeking out lower hanging fruit instead.
www.intelligentciso.com
|
Issue 13
Knowledge is power
More persistent attackers may
continue their attack but will face even
tougher challenges as their actions
now give away useful intelligence
to the defenders. One of the most
powerful capabilities of high-interaction
deceptive technology is its ability
to reveal the methods and tactics
of cybercriminals, providing the
opportunity to closely observe attacker
activity without risking their real
network infrastructure and assets.
Engagement-based alerts are
substantiated, giving defenders the
information to decisively shut down
an active attack. By tracking lateral
Turning a
cybercriminal’s
own deceptive
techniques
against them with
realistic decoy
environments
and assets will
provide a unique
and powerful
opportunity for
organisations to
shift power away
from the attackers.
69