The Allies employed almost all kinds of sneaky and dishonest tricks in World War II to fight their enemies and to deceive them into thinking that they had more weapons and troops at their disposal than they actually had. The biggest deception from the past was Operation Fortitude that fooled the Nazis about where the D-Day landings would take place. Now, the tech will be doing the same to battle hackers.
Principles of misdirection and deception to be used again, this time to fight cybercrime
Cybercrime is on the growth now. The hackers, who started by getting into your phones and emails ids, are now going into the database of not one or two people but people of several countries together and then demanding money to surrender that data.
The same principles of deception and misdirection, which were used in the past, will now be used – though in a much smaller scale –by some organizations to battle malicious hackers who are trying to establish a bridgehead on internal networks. Ori Bach from deception technology firm Trapx said, “It’s a classic idea of warfare to prevent the adversary from having a real understanding of your reality. It’s just like the Allies in WWII. They made fake tanks, fake air bases, fake everything.”
The fakes implanted on a network look like the weapons of war. Bach said, “We create a shadow network that is mimicking the real network and is constantly changing.” No organization can use perfect digital defenses to thwart the attempts of hackers. Mr. Bach said that it was worth preparing for their arrival by setting up targets that are simply “juicy for the malicious hackers to ignore once they land and start looking around.” He added that they want their shadow network to be more attractive to the hackers than the real stuff.
Seeding networks will limited valuable data can irritate the hackers and confuse them
Joe Stewart of deception firm Cymmetria said that the deception tech has grown out of work on another useful cyber-thief tracking technology dubbed honey pots. Honey pots are computers that look like a typical corporate server to the automated tools, which several hackers use to scour the net for targets. Several big security firms have set up a large number of individual honey pots to gather intelligence about those tools and the malware that is being used by the hackers to subvert them, said Mr. Stewart.
He added that the issue with these honey pots is that they are passive and only involve a few separate servers. Deception tech is mostly used on a grand scale so that any hacker who turns up has only some clue about what is fake and what is real. Kelly Shortridge from the security arm of defense firm BAE, said that the organizations do not have to commit large amounts of resources to deception systems to slow down and thwart hacker gangs. She said that more straightforward techniques can assist in diverting attackers and wasting their time as well.