General discussion
-
Topic
-
Applications of Deception Technology
LockedDeception technology is an emerging category of cyber security defense. Deception technology can rapidly detect, analyze, and defend against zero-day and advanced attacks often in real time. Deception technology is automated, highly accurate,[1] and shares insight into malicious activity within internal networks which may be unseen by other types of cyber defense. Deception technology enables a more proactive security posture. Deception technology seeks to deceive the attackers, detect them decisively and then effectively defeat them allowing the enterprise to return to normal operations.
Deception technology considers the human attacker’s point of view and methodology for exploiting and navigating networks to identify and exfiltrate data. Deception technology fills the gap and extends the power of the traditional cyber defense. Deception technology integrates with existing technologies to provide new visibility into the internal networks, share our high probability alerts and threat intelligence with the existing infrastructure.
Deception technology automates the creation of traps (decoys) and/or lures which are mixed among and within existing IT resources to provide a layer of protection to stop attackers that have successfully penetrated the network. Traps (decoys) are IT assets that use with licensed operating system software, or, are instead emulations of these devices. Traps (decoys) which use emulations can also imitate medical devices, automated teller machines (ATMs), retail point of sale systems, switches, routers and much more. Lures are generally real information technology resources (files of varying kinds) which are placed on actual IT assets.
Applications of deception technology include:
Deception-based security solution has been designed to protect the Society for Worldwide Interbank Financial Telecommunication (SWIFT) financial networks with specific emulations of SWIFT servers and components.
Healthcare – protection of medical devices from MEDJACK.
Ransomware – you can get cryptotrap which is a variant of deception.
IOT – deception technology somewhat uniquely can track the lateral movement by cyber attackers to and from internet of things (IOT) devices.
