5 Deception Technologies for Evolving Cyberthreats

Attack, defense, risk, threat. The language of cybersecurity sounds like a glossary of terms for all-out warfare. In many ways, that’s exactly what it is. Cybersecurity is an ongoing, ever-changing battlefront for the protection of your data, your users, your assets and your reputation.

For more insight into the shifting landscape of cybersecurity, download our eBook, Transforming Enterprise Cybersecurity.

Fortify the perimeter with basic security measures

Your first line of defense should always be the diligent implementation of basic security controls like security patches, antivirus software updates, routine backups, user identity management, and established security policies. These will go a long way toward reducing your attack surfaces and, just like locking your doors and adding security lights makes your home less appealing to the average thief, these methods make your network less tempting to the average hacker.

Defensive tactics for evolving cyberattacks

For those attackers who see your network as a viable target, deploying defensive deception methods will make it more difficult, time-consuming and cost-prohibitive for them to attack.

“Appear weak when you are strong, and strong when you are weak.” (Sun Tzu, The Art of War)

Deception technologies are the next iteration of cybersecurity defense and differ in some ways from traditional honeypots. Honeypots are “bait” systems created to be enticingly vulnerable and are isolated from your actual network. While you can use honeypots to learn more about an intruder, what they are after and the methods they use, they require expertise to set up and manage. Because honeypots are easily detected, attackers often “escape” before there is a chance to learn their techniques.

With deception technology, your network is like a room full of tripwires. Deception technology tells you the who, what, when and where of a breach. Deployment, detection and defensive action are automated, which reduces the strain on your security team’s time and skills. Because your actual network is more closely imitated, attackers engage longer in their fruitless pursuits. This additional time lets adaptive and machine learning processes use the hacker’s information to create a stronger network.

Overview of top deception technologies

Distributed decoy systems

These solutions distribute decoy endpoint systems throughout the enterprise and offer enhanced detection compared to more traditional solutions. Because legitimate users have no reason to interact with decoys, attacks can be rapidly identified and false positives greatly reduced.
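The tripwire logic behind distributed decoys can be shown with a short detection routine. This is an added example, not code from the original article or from any vendor product; the decoy inventory, the flow-record format and the severity rule are all constructed assumptions.

```python
import ipaddress
from collections import defaultdict
from datetime import datetime

# Constructed decoy inventory (hypothetical addresses and names).
DECOYS = {"10.20.5.40": "decoy-fileserver", "10.20.7.12": "decoy-hr-db",
          "10.30.1.99": "decoy-workstation"}

# Constructed flow records: timestamp, source IP, destination IP, destination port.
SAMPLE_FLOWS = """\
2019-07-18T09:01:02 10.20.3.15 10.20.1.10 443
2019-07-18T09:03:44 10.20.3.77 10.20.5.40 445
2019-07-18T09:03:51 10.20.3.77 10.20.7.12 1433
2019-07-18T09:04:10 10.20.3.15 10.20.1.25 53
bad line here
2019-07-18T09:05:30 10.20.3.77 10.30.1.99 3389
2019-07-18T09:06:00 10.20.4.8 10.20.5.40 445
"""

def parse_flow(line):
    """Return (time, src, dst, port), or None for a malformed record."""
    parts = line.split()
    if len(parts) != 4:
        return None
    try:
        ts = datetime.fromisoformat(parts[0])
        src = str(ipaddress.ip_address(parts[1]))
        dst = str(ipaddress.ip_address(parts[2]))
        port = int(parts[3])
    except ValueError:
        return None
    return ts, src, dst, port

def decoy_alerts(flow_text, decoys=DECOYS):
    """Group every decoy touch by source: who, what, when and where."""
    hits = defaultdict(list)
    for line in flow_text.splitlines():
        rec = parse_flow(line)
        # No legitimate traffic targets a decoy, so any touch is a signal.
        if rec and rec[2] in decoys and rec[1] not in decoys:
            ts, src, dst, port = rec
            hits[src].append((ts, decoys[dst], port))
    alerts = []
    for src, touches in hits.items():
        touches.sort()
        names = sorted({name for _, name, _ in touches})
        alerts.append({"source": src, "first_seen": touches[0][0],
                       "decoys": names, "ports": sorted({p for *_, p in touches}),
                       # Assumed rule: touching several decoys suggests lateral movement.
                       "severity": "high" if len(names) > 1 else "medium"})
    return sorted(alerts, key=lambda a: (-len(a["decoys"]), a["first_seen"]))
```

Calling `decoy_alerts(SAMPLE_FLOWS)` returns one alert per source that touched a decoy, ordered so the source that reached the most decoys comes first; sources that only talked to real hosts never appear.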

Endpoint protection platforms

These systems can leverage deception to thwart malware installation by making attackers believe the endpoint is in a virtual environment in order to throw off malware profiling processes, or by emulating the processes of disparate anti-virus products to induce dormancy.

Intrusion prevention systems (IPS)

IPS appliances can invoke deception with TCP at the network protocol layer. Basic deception techniques such as TCP targets can be used, and/or integration with more advanced deception technology such as decoy systems can be leveraged.

Next-generation firewalls

Firewalls with next-generation capabilities can enhance deception in protected network zones. Action in specific policies can be set to “deceive” and deception responses can be generated either by the firewall itself or through integration with other deception solutions.

WAFs and application deception solutions

Web application firewalls (WAFs) and application deception solutions can help to disrupt attackers’ automation with Web and Web application deceptions, Web browser and HTTP countermeasures, as well as the obfuscation of HTML content and application inputs to reduce attack surfaces.

Sirius can help you advance your security program with the right deception technologies from our partnerships with leading-edge technology providers. We also provide expert implementation and advisory services, as well as managed security services. To talk with one of our security experts, contact us today.

July 19th, 2019 | Blog

About the Author:

Chris Hoke is a Managing Director of Security Solutions at Sirius.