Deception as a Cyber-Defense
In a recent article I talked about how governments are adjusting their approach to collecting signals intelligence data in the fight against national enemies – both terrorists and unfriendly states. What about private companies and individuals, what defenses are available to them in these changing times?
Topping the terrorist list are ISIS and Al Qaeda. The leading unfriendly states, ranked by offenses recorded, are China, Iran, North Korea, and Russia.
In December of 2018 alone, major international cyber-attacks on government agencies, defense and high tech companies, or economic crimes with losses of more than a million dollars** included:
- Chinese hackers were found to have compromised the EU’s communications systems, maintaining access to sensitive diplomatic cables for several years
- North Korean hackers stole the personal information of almost 1,000 North Korean defectors living in South Korea
- The United States, in coordination with Australia, Canada, the UK, and New Zealand, accused China for conducting a 12-year campaign of cyber espionage targeting the Intellectual Property and trade secrets of companies across 12 countries. The announcement was tied to the indictment of two Chinese hackers associated with the campaign.
- S. Navy officials report that Chinese hackers had repeatedly stolen information from Navy contractors including ship maintenance data and missile plans.
- Security researchers discover a cyber campaign carried out by a Russia-linked group targeting the government agencies of Ukraine as well as multiple NATO members
- Researchers report that a state-sponsored Middle Eastern hacking group had targeted telecommunications companies, government embassies, and a Russian oil company located across Pakistan, Russia, Saudi Arabia, Turkey, and North America
- Italian oil company Saipem was targeted by hackers taking down hundreds of the company’s servers and personal computers in the UAE, Saudi Arabia, Scotland, and India
- North Korean hackers have reportedly targeted universities in the U.S. since May, with a particular focus on individuals with expertise in biomedical engineering
- The Security Service of Ukraine blocked an attempt by the Russian special services to disrupt the information systems of Ukraine’s judicial authority
- The Czech security service announced that Russian intelligence services were discovered to have been behind attacks against the Czech foreign ministry in 2017
- Chinese hackers breached the systems of an American hotel chain, stealing the personal information of over 500 million customers
One of the fastest growing defenses against hackers and malware is “deception”.
Suppose that when your computer detects an unwanted visitor it lies to the attacker and fools it into doing something non-destructive like going to what is called a honeypot. One example of currently available commercial solutions can be found at www.keyfocus.net/kfsensor/.
According to Wikipedia, a honeypot consists of data that appears to be a legitimate part of the site, but is actually isolated and monitored, and that seems to contain information or a resource of value to attackers, who are then blocked. This is similar to police sting operations, colloquially known as baiting a suspect.
Honeypots have been around for a long time in cyber security, however they are becoming much more prevalent and have inspired various other types of destinations for attackers to be sent and neutralized.
Cyber security paradigms are shifting away from relaying solely on brute-force firewalls. These new concepts or thought patterns look to misdirect attackers rather than attempt to close the door. Just as the new concepts in signals intelligence are shifting to bulk collection of meta-data.
Looking at the major international infractions quoted above, remember they are the ones that were caught and reported. How many more have occurred undetected?
Technology is a great tool, but we need to stay on top of it for self-protection; self-protection at any level, national, corporate, or as an individual.
** Center for Strategic and International Studies, “Significant Cyber Incidents Since 2006”
David Derosier consults with small business on planning and marketing issues, and provides web design and hosting services through OhainWEB.com, an accredited business with the Better Business Bureau that is rated A+ by BBB. He can be reached at JDAVID@Strategy-Planning.info