This week’s Ask the Expert is answered by Max Emelianov. CEO of HostForWeb.
Ask the Expert: What Is Deception Technology, And How Is It Reshaping Cybersecurity?
What do stage magicians and cybersecurity professionals have in common? More than you might expect. There’s a new set of tools in the cybersecurity space, and they may end up being one of the most formidable weapons ever conceived in the fight against hackers. I’m referring, of course, to deception technology. But just what is it, exactly?
A cybercriminal has targeted the servers of a small healthcare organization, planning to make off with anything he can sell on the black market. Unfortunately for them, there are several unpatched systems that allow him easy access. It only takes him a short time to download the files he needs and vanish without a trace.
Only he hasn’t made off with anything. Not really. What’s actually happened is that he’s stumbled upon a sort of digital honeypot – the files he’s downloaded seem legitimate, but they’re actually filled with garbage data.
Meanwhile, the hospital’s IT team has been monitoring the attacker in an attempt to pin down his exact location. Once they know who he is, they forward the information to the police. He’s about to get a nasty surprise.
Today’s digital landscape is a bit grim – it’s not a question of if your business will get hacked, but more one of when. The problem is that preventing a hacker from gaining access to sensitive data requires constant vigilance. For hackers, all they need is a single mistake.
That’s why deception technology, as it’s known, is such a promising technique. Not only does it allow businesses to add an extra safeguard against illegitimate access, it provides a sort of sandbox which professionals can use to better understand the motivations, goals, and behavior of their attackers. And, as shown in the above example, it can even provide the team with a means of tracking down the people responsible for an attack in the first place.
So why hasn’t deception technology become more prevalent?
For a few reasons. First, creating an effective digital honeypot – one which will fool even experienced hackers – is extremely difficult to do. Even a small mistake will alert a savvy criminal to the fact that something’s amiss.
And at that point, not only have your efforts failed, they’ve likely angered the criminal in question. You’ve made it personal by wasting the hacker’s time. Whereas they were probably targeting you amongst several other organizations before, now they might focus on you entirely.
Moreover, for deception technology to be effective, it needs to be paired with a mature cybersecurity program – one that includes the right talent, tools, and expertise. Otherwise, it’s a wasted effort. An effort that won’t be of any use if you aren’t aware the attack is even happening.
To adapt an analogy from the Prowess Corp blog, deception technology is like creating a room filled with fake jewelry to fool a thief, complete proximity sensors and video cameras. Deception technology without proper cybersecurity is like building the room, but not bothering to do anything else. Sure, it might fool a criminal, but you’ll be no closer to figuring out who they were or why they broke in.
Don’t get me wrong, deception technology is going to have an extremely important role to play as threat surfaces grow larger and the risks facing them more complex. But it won’t ever replace more traditional security measures. It’s an augmentation, not a magic bullet – and it’s important that we all bear that in mind.
Enjoyed this Ask the Expert? Check out What benefits come from running a partner programme?