Deception is a frequently used tactic in both defensive and offensive strategies, from chess to duck hunting, and a tool that many security professionals have been using for years. Initially, when deception was used in network defense, it involved a human carefully interacting with an infiltrator to make them believe that they had achieved access to restricted data and to keep them occupied until the threat could be contained. Today, however, technological advancements have eliminated the need for direct human interaction and have increased the believability of decoys.
Written by: Mike Parkin, Product Marketing Engineer – As deception technology has matured into a modern and effective security solution, vendors have pursued different techniques for creating decoys, lures, and the rest of the details that go into a deception platform. One of the challenges the industry faces is creating deceptive assets that fall into the ‘sweet spot’ that will lure an attacker in without being an obvious trap.
Dealing with cyberattacks on a daily basis has become the reality for businesses today. However, few organisations take a proactive response. Instead, they are left to deal with the fallout after an attack happens and the financial and reputational damage to their business has already occurred. TechRadar Pro spoke with Attivo Networks’ Chief Deception Officer Carolyn Crandall who suggests that businesses adopt the long established military technique of ‘deception’ to help them gain an edge over cybercriminals.