Setting traps for cyber-thieves with ‘deception technology’: Carolyn Crandall
These days it’s not enough to try to keep cyber-thieves and online spies out of your company’s network — there’s a good chance they’re already in.
That’s the rationale behind “deception technology,” a sector of the cybersecurity business that grew out of the reality that no matter how good a firm’s “perimeter security” may be, a global army of extremely clever, morally compromised technologists is working diligently to break it.
The trick, according to Carolyn Crandall, the “chief deception officer” of Attivo Networks in Fremont, is to catch them once they’re inside. In cybersecurity parlance, this is known as “detection.”
“The premise of security was originally built on having a perimeter. Build your castle or your fortress and nobody can get in,” Crandall said. “And we know that that’s not realistic, if you look at the simple number of breaches that happen. The innovation that attackers are able to use is outpacing that of typical cybersecurity.”
Online attackers can be very sophisticated, and the longer they’re poking around inside a network — the average is 100 days — the more time they have to locate what they want to steal, then trick employees, suppliers or affiliates into providing login credentials to access that data, or find vulnerabilities that let them pilfer it directly, Crandall says.
So Attivo sets what it calls decoys, traps and lures. These are faked elements in a firm’s computer network and its contents that an attacker would see, virtually represented, once inside the network — like a server, router, desktop computer, data file, or maybe some login credentials in a web-browsing history. The elements look real to a cyber-intruder, but would never be accessed by anyone who is actually authorized to use the network. If a hidden malefactor exploring the system hits one of those elements, the attacker is exposed. The victim can then take appropriate security measures, and possibly contact law enforcement.
Free Active Directory Assessment
Get Visibility Into Privilege And Service Account Exposure
For a limited time, Attivo Networks is providing free Active Directory Security Assessments to demonstrate how ADAssessor provides unprecedented and continuous visibility to AD vulnerabilities.
Try Our Endpoint Detection Net (EDN) for Free
FAST AND EASY
Free use offer of our Award-winning security solution to prevent attackers from lateral movement, credential theft, and privilege escalation, fast and easy.
ADSecure 90-Day Free Trial
GET PROTECTION AGAINST UNAUTHORIZED ACCESS TO ACTIVE DIRECTORY
- Hide and deny access to AD objects
- Get alerted on unauthorized queries
- Attack details easily viewable in dashboard
- Your data remains on-premise