Deception Technology: Fooling the hacker (Image Credit: Omid Armin at Unsplash)Deception technology is about fooling attackers into going after the wrong parts of your network. It gives defenders an opportunity to stop attacks before they have any impact on real systems or data. It is something that is growing in popularity as defenders look for any edge in the daily fight against cyber attacks.

Carolyn Crandall is Chief Deception Officer at Attivo Networks.  Crandall describes her job as fascinating and says she spends a lot of time explaining why: “Prevention alone is not sufficient, you need mechanisms for detection.” Many organisations set up canary systems and think that is good enough to let them know if an attack is in progress. The problem is that it assumes the attacker will fall for it and you react in time.

Many defensive systems are about stopping the attacker getting into the network. It was a great idea two decades ago when we still had a perimeter. Today, the attacks are just as likely to come from inside the network as they are from outside. This means that the technology has had to evolve.

One way that Crandall sees this happening is mirror matching the production systems. Let the attackers work through a copy and see what they are doing and how. It allows the real systems to be hardened. As Crandall says: “If you can create a system where the attacker cannot tell real from fake you all of a sudden start to tip the advantage back to the defender.”

To hear more of what Crandall had to say, listen to the podcast

Where can I get it?

obtain it, for Android devices from play.google.com/music/podcasts

use the Enterprise Times page on Stitcher

use the Enterprise Times page on Podchaser

listen to the Enterprise Times channel on Soundcloud

listen to the podcast (below) or download the podcast to your local device and then listen there

LEAVE A REPLY

Please enter your comment!
Please enter your name here