Deception Technology - The new frontier of defense against cyberthreats
by Bhaskar Bose, Content Developer, Rackspace Technology
Introduction to the Deception Technology concept
Deception technology is a new and exciting frontier for cyber resilience against bad actors and cyber threats. Deception technology is a new technology in cybersecurity against bad actors and cyber threats. This agent-less technology is designed to prevent malware attacks and actual human hackers from entering the network, with early detection, continuous interaction with the bad actor while sending reports in real-time
How does the technology work?
Imagine a bad actor trying to hack into a secure network of a large financial institution (not quite fictional, because these incidents happen all the time). They’ve used some password hacking or employed a brute force tool to break into the network. They plant user agents to connect to the host machine, and lie in wait, to connect to one or more host users, preferably one with elevated access permissions and rights. If they are successful in connecting to the host agents within the network, they can easily carry out the planned attack.
Except for one small problem: the network has synthetic agents, via which deceptive data about the network’s resources emulate devices and users, and have deployed highly interactive decoy tools, which leads the hackers to think they’re interacting with actual users within the network. The hackers have thankfully not connected with any real users all along though, and their activity in the entire process have been alerted to the network administrators, along with their data.
The algorithm that powers the software is focused on exploiting the weakness of hackers and instead of strengthening the security firewalls and end point defense, it instead focuses on identifying the initiator of these attacks. Although the concept of honeypots to lure hackers into identifying themselves is not entirely new, deception technology focuses on providing the much-needed credentials by hackers. This is, however, built on a synthetic network to stop them within the first few attempted attacks before they can cause any actual damage or successfully steal valuable data from the organization.
Added advantages of the technology:
False information and artificial user agents are flooded into the networks and are visible only to the attackers and not any genuine users within the network. This has the added benefits of not affecting any of the day-to-day operations within the organization.
Network administrators also have the advantage of shutting down the entire attack as an option or observe the hackers accruing real time breaches as part of their forensic programs.
This out-of-the-box technology has the capability, unlike its predecessors, of preventing high profile hacks. The process of deception technology even provides options to the hackers to choose between ‘good data’ and ‘bad data’, and if hackers choose the ‘good data’, they proceed to the next steps towards accessing the organization’s database. However, they are eventually stopped and reported with synthetic user agents reporting their activities, every step of the way.
Conclusion:
Deception technology, such as those being offered by Illusive Networks, an Israel based company, has been very well received by financial institutions, banks, insurance, and healthcare companies, which rely heavily on keeping their customer and transactional data safe. This technology holds promise for the future of cybersecurity, wherein it is poised to expose bad actors and actual hackers trying to breach networks actively, and not just with passive tools like malware and phishing tools. This new and exciting technology brings about a new dimension in companies’ cybersecurity arsenals to protect data and expose actual threats and malicious actors.
Recent Posts
Patrones de redes híbridas de Google Cloud - Parte 2
Octubre 16th, 2024
Patrones de redes híbridas de Google Cloud - Parte 2
Octubre 15th, 2024
Cómo aprovecha Rackspace AWS Systems Manager
Octubre 9th, 2024
Windows Server impide la sincronización horaria con Rackspace NTP
Octubre 3rd, 2024