iTnews

Use decoy and deception to mess with hackers

By Dan Kaplan on Mar 4, 2013 7:00AM
Use decoy and deception to mess with hackers

active defense

Security experts say organisations should use decepetion and decoy data in efforts to kick attackers out of corporate networks.

The vendor-based security professionals said attackers spent big money on maintaining a foothold within networks.

"If you're Google, it doesn't matter how fast you run, the bear wants you," said nCircle chief research officer Tim Keanini.

Mandiant CSO Richard Bejtlich said attackers invested a lot of resources into evading detection once networks were invaded. 

"Once they're in your enterprise, they have to be perfectly stealthy," he said. "But that's predicated on someone looking for them."

Bejtlich likened the challenge of spotting attackers to physically defending a bank. The SWAT team doesn't guard the doors each day, but if there's a robbery, they're the ones coming for the crooks.

"You should apply even more pressure once they're in," he said. "They can break in all day long, but if you can catch them and kick them out, that makes it very difficult for them."

 

The panel suggested taking "active defense" measures that includes deception and decoy data, or "breaking" the hackers' automation – such as inserting delays into scripts they are using – so they can't perform their activities with ease, said Christopher Hoff, chief security architect at Juniper Networks.

The goal was to make a corporate network too expensive to attack.

This article originally appeared at scmagazineus.com

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © SC Magazine, US edition
Tags:
juniper networks mandiant ncircle rsa rsa 2013 rsac security vendors

Partner Content

MSI shows first laptops with Wi-Fi 6E, Nvidia RTX 30 graphics
Partner Content MSI shows first laptops with Wi-Fi 6E, Nvidia RTX 30 graphics
MSI launches innovative new laptops
Partner Content MSI launches innovative new laptops
Improving returns from SD-WAN spending
Sponsored Content Improving returns from SD-WAN spending
NCS expands into Australia in partnership with Optus Enterprise
Sponsored Content NCS expands into Australia in partnership with Optus Enterprise

Sponsored Whitepapers

The risky business of open source
The risky business of open source
Mitigating open source risk in your organisation
Mitigating open source risk in your organisation
How to choose a WAF that's right for you
How to choose a WAF that's right for you
The global telco 5G cloud gaming opportunity
The global telco 5G cloud gaming opportunity
Building a ransomware remediation backup strategy
Building a ransomware remediation backup strategy

Events

  • On-Demand Webinar: How Poly and Microsoft are Embracing Future Work Environments
By Dan Kaplan
Mar 4 2013
7:00AM
0 Comments

Related Articles

  • Building wave of ransomware attacks strike US hospitals
  • IBM withdraws from RSA conference over coronavirus fears
  • Reserve Bank of NZ governor apologises for 'serious' data breach
  • Google unravels state-of-art Android and Windows exploit chains
Share on Twitter Share on Facebook Share on LinkedIn Share on Whatsapp Email A Friend

Most Read Articles

Update Chrome or risk remote takeover, US govt warns

Update Chrome or risk remote takeover, US govt warns

Telstra pilots its first neurodiversity recruitment program

Telstra pilots its first neurodiversity recruitment program

Google unravels state-of-art Android and Windows exploit chains

Google unravels state-of-art Android and Windows exploit chains

Accellion hack behind Reserve Bank of NZ data breach

Accellion hack behind Reserve Bank of NZ data breach

You must be a registered member of iTnews to post a comment.
Log In | Register
All rights reserved. This material may not be published, broadcast, rewritten or redistributed in any form without prior authorisation.
Your use of this website constitutes acceptance of nextmedia's Privacy Policy and Terms & Conditions.