Plaintext: Deception Tech
Welcome to Dark Reading in Plaintext, where each day we dig into topics important to cybersecurity professionals. Today, we talk about cyber deception -- technologies enterprise defenders can use to make it harder for attackers to carry out their operations. Does deception still have a place in cybersecurity?
Setting Traps
The core idea of cyber deception was first discussed in 1989 by Gene Spafford of Purdue University. Deception encompasses more than honeypots and honeynets, because the technology can react and implement defenses based on what happens. Deception technology can imitate an internal network and provide fake access to accounts and files. When a security deception product works as intended, the attackers truly believe they've infiltrated a restricted network and are gathering critical data.
That's the logic behind canary tokens -- manufactured access credentials, API keys, and software secrets. They are not real, so enterprise defenders know that someone attempting to use them must be engaged in malicious behavior. GitGuardian released ggcanary, an open source project designed to give developers a way to deploy fake Amazon Web Services secrets within their software development environment. [Read more: Credential Canaries Create Minefield for Attackers]
- Illusive is a company specializing in deception tech.
- Trinity Cyber is another, a managed security service that inspects and scrubs incoming and outgoing malicious traffic without alerting the bad guys.
- Honeywell's Threat Defense Platform directs attackers toward phony assets that appear to be actual OT and IT devices.
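The canary-token logic described above, sketched as an added detection example (not code from Dark Reading, GitGuardian, or ggcanary): it scans CloudTrail-style records for any use of a planted access key. The key IDs, planting locations and log lines are constructed; the field names follow CloudTrail's record format.

```python
import json

# Constructed canary registry: fake access key ID -> where it was planted.
CANARY_KEYS = {
    "AKIAEXAMPLECANARY001": "ci/.env in repo payments-api",
    "AKIAEXAMPLECANARY002": "wiki page 'deploy runbook'",
}

# Constructed CloudTrail-style records, one JSON object per line.
SAMPLE_LOG = """\
{"eventTime":"2022-08-01T10:02:11Z","eventSource":"s3.amazonaws.com","eventName":"ListBuckets","sourceIPAddress":"198.51.100.7","userIdentity":{"type":"IAMUser","accessKeyId":"AKIAEXAMPLEREALKEY01"}}
{"eventTime":"2022-08-01T10:05:42Z","eventSource":"sts.amazonaws.com","eventName":"GetCallerIdentity","sourceIPAddress":"203.0.113.50","userIdentity":{"type":"IAMUser","accessKeyId":"AKIAEXAMPLECANARY001"}}
not-json garbage line
{"eventTime":"2022-08-01T10:06:03Z","eventSource":"iam.amazonaws.com","eventName":"ListUsers","errorCode":"AccessDenied","sourceIPAddress":"203.0.113.50","userIdentity":{"type":"IAMUser","accessKeyId":"AKIAEXAMPLECANARY001"}}
{"eventTime":"2022-08-01T10:09:00Z","eventSource":"ec2.amazonaws.com","eventName":"DescribeInstances","sourceIPAddress":"192.0.2.9","userIdentity":{"type":"AssumedRole"}}
"""

def find_canary_hits(log_text, canaries=CANARY_KEYS):
    """Return one alert per record whose access key is a planted canary."""
    alerts = []
    for line in log_text.splitlines():
        try:
            rec = json.loads(line)
        except json.JSONDecodeError:
            continue  # skip malformed lines rather than abort the scan
        ident = rec.get("userIdentity") if isinstance(rec, dict) else None
        key = (ident or {}).get("accessKeyId")
        if key in canaries:
            alerts.append({
                "time": rec.get("eventTime"),
                "key": key,
                "planted_at": canaries[key],  # tells responders what leaked
                "event": rec.get("eventName"),
                "source_ip": rec.get("sourceIPAddress"),
                "error": rec.get("errorCode"),  # denied calls still count
            })
    return alerts

def summarize(alerts):
    """Group hits per canary so one leaked secret becomes one incident."""
    incidents = {}
    for a in alerts:
        inc = incidents.setdefault(a["key"], {"planted_at": a["planted_at"], "source_ips": set(), "events": []})
        inc["source_ips"].add(a["source_ip"])
        inc["events"].append(a["event"])
    return incidents

if __name__ == "__main__":
    for key, inc in summarize(find_canary_hits(SAMPLE_LOG)).items():
        print(key, inc["planted_at"], sorted(inc["source_ips"]), inc["events"])
```

Because the key is never issued to a legitimate user, the check needs no baseline or threshold: a single match is the alert, and the planting location shows which repository or document was exposed.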
Headlines on Tap
- A Justice Department official testifies to a House committee that foreign adversaries breached the US federal court records system.
- European pipeline and energy supplier Encevo urged customers to update credentials in the wake of a ransomware attack.
- Considering the vital role tech companies play in global communications, neutrality is not really an option.
Enjoy reading Dark Reading? Subscribe to receive Dark Reading Daily every morning!
On That Note
Let us know if we left off any good reads from our Dark Reading summer reading list.
- A Restaurant in Jaffa, Mark E Sorenson
- Be Gone, Dennis Fisher
- Breaking Backbones: Information is Power, Deb Radcliff
- Design Flaw, Erica Anoe
- The Enigma Threat, Charles Breakfield and Rox Burkey
- gAbriel, Chase Cunningham
- The Paladin, David Ignatius
- Raven, Sue Loh
Chief Security Officer (CSO) | CISO | Cybersecurity Strategist | Board Advisor | Public Speaker
2 years ago: Highlight the canary tokens mention in this article. Easy to generate, implement and very very useful when triggered and silent. AWS API canary tokens and DNS canary tokens are great starting points. HTTP and MS Word canary tokens are useful to learn and experiment.
Senior Cloud Security SME | CISO Advisor | Cyber Counter Intelligence | AI Security | Cloud Threat Hunter
2 years ago: I have been an advocate of cyber deception for a while so I loved this article. Topics like this often fall between the cracks. This does require security leaders who are not just theorists. Cyber security is becoming cyber warfare. Our military community in technology is uniquely aligned to help in this area. Great article once again.
Data Engineering @ OGx | Google Cloud Public Sector | 5x Google Cloud Certified | Hello@Trau.co
2 years ago: These articles are always informative, and I do enjoy reading them, but, as for substance, I wish there were more to 99% of them... Almost every article feels like it ends on a cliff hanger, with a Part 2 and/or 'to be continued' that's never gonna be written.
Founder and Chief Executive Officer at Goode Cyber Security | Cyber Defense Architect | Cybersecurity Consulting | vCISO | Compliance Consulting | U. S. Air Force Veteran
2 years ago: Well said