When cyber security professionals think about deception technology, honeypots or honeynets likely come to mind. Yet, these tools are relics of the ‘90s. They may also require millions in expenses, from subscription fees to human resources. Technology has advanced, and 2021 may see more deception technology in play than ever before.
Want adversaries to find fake login credentials and banking details instead of authentic ones? When hackers believe that they’ve found the good stuff, your everyday thief will leave the rest of the system alone. At least, that’s the thinking.
How does it work?
Organizations can either obtain custom-built deception technology or off-the-shelf products. The pre-packaged versions scan networks and then make recommendations regarding where to station different deception decoys. These ‘traps’ mimic servers, files, network segments or valuable services (like Active Directory).
In a short timespan, an organization’s network can look 100x more formidable than it really is. There’s a huge difference between a 1,000 node network and a 10,000 node network.
Deception tech is not designed to prevent a bad actor from getting in. Organizations should continue with other threat prevention methods. However, deception tech can protect an organization’s critical information from prying eyes.
With the use of deception tech, security teams receive real-time alerts when a threat appears imminent. “Once any of the [decoys] are accessed or probed in any way, one centralized console alerts us, so we know to start investigating the source of that activity,” says CISO Tony Taylor, who works with an agricultural group. Employees cannot see these decoys on systems.
Which industry sectors rely on deception technologies?
What about the cost?
On account of the minimal hardware and infrastructure requirements, deception technology is relatively inexpensive to maintain. Nonetheless, deception tech should represent a single layer of a security architecture. Don’t throw out your Firewalls.
Cyber adversaries have revamped their attack strategies. Organizations should do the same. For more on deception technologies, visit SC Magazine