IT Brief Australia logo
Technology news for Australia's largest enterprises
Story image

Five ways cyber deception can help boost IT security

By Contributor
Mon 10 Feb 2020
FYI, this story is more than a year old

Article by Attivo Networks regional director A/NZ, Jim Cook.

With organisations constantly on the hunt for ways to improve the security of their IT infrastructures, they are affording growing attention to a technique dubbed ‘cyber deception’.

Cyber deception involves confusing and redirecting a criminal’s actions, causing them to make mistakes and reduce the success of their attack. It’s achieved by placing several decoys, credential lures, and other bait throughout an organisation’s network and then monitoring what occurs.

The technique can do much to augment other security measures, providing another layer of protection that makes it even more difficult for cybercriminals to succeed. The five key ways in which cyber deception can assist an organisation are:

1.    Pre-execution protection:
Cyber deception makes use of machine learning techniques to analyse an organisation’s network and create deceptions that mirror-match the environment. This process enables the visibility into unauthorised adds and changes that could introduce risk to the environment.

Cyber deception also maps existing stored or orphaned credentials and identifies them for cleaning and removal. It can also provide insights into suspected lateral movement attack paths, which are a favourite avenue exploited by cybercriminals to move around within an infrastructure.

Also, recent innovations in deception technology protect Microsoft’s Active Directory with the ability to detect unauthorised queries and return false data without touching the production environment. The deception misdirects attackers to a decoy, creating difficulty for them when it comes to differentiating real results from fakes.

2.    Stopping an attack:
Traditionally, security detection tools have tended to activate only when an attack is already well underway. Deception-based detection is much more proactive and designed to detect criminal activity far earlier, typically raising a flag when an attacker looks to move from an initially infected system.

Cyber deception detects and disrupts attacks early, regardless of the attack vector attackers use.  A full deception framework will assist an organisation in protecting everything from networks and cloud platforms to data centers, remote offices, and even Internet-of-Things (IoT) environments.

3.    Removal and remediation:

By using cyber deception techniques, IT teams can gain accurate alerts that are substantiated by the deception environment’s attack analysis and forensics. The ability to gather real-time intelligence is a unique benefit of deception and is extremely valuable for gaining the upper hand against criminals.

Advanced deception platforms can also automatically remediate exposed credentials on endpoints attached to the network. In many Red / Blue security assessments where the organisation leveraged deception, Blue Teams have detected intrusions in less than an hour, and in some cases, achieved containment in under 30 minutes and fully restored services within another 30 minutes.

4.    Making use of threat intelligence:

Cyber deception goes well beyond traditional security alerts by gathering adversary intelligence so that defenders can quickly understand an attack and fortify their defenses against it.

Techniques include planting decoy documents and fake credentials that allow IT teams to gather adversary intelligence related to an attacker’s intent. This knowledge can be vital to understanding what type of information the attackers are after and how they are gaining access to the IT infrastructure.

5.    Post-attack investigation:

To assist with post-incident evaluation, and future planning and response, cyber deception techniques can record all attack activity and provide irrefutable proof of unauthorised access or policy violations.

This in-depth information can be extremely useful in demonstrating security resiliency, ongoing security control functionality, and security controls related to insiders and suppliers. It can aid an IT team and ensure it is much better prepared to withstand any future attacks.

Prevention v proactivity
Traditionally, cybersecurity efforts have tended to focus on preventative techniques. However, when you considering the growing numbers of breaches that continue to occur each year, this approach is no longer sufficient.

Instead, organisations should add proactive techniques such as cyber deception to the security mix. They will then be in a better position to detect and derail threats much earlier so that criminals cannot establish a foothold or complete their planned attack.

Taking the time now to examine cyber deception options and make them a part of your security architecture will better prepare you for any threats as they arise in the future.

Related stories
Top stories
Story image
9/10 Aussies to stop spending if personal data compromised
"Based on the patterns we are seeing among Australian consumers, it is evident that trust in a brand is exceptionally important."
Story image
Artificial Intelligence
AI-based email security platform Abnormal Security valued at $4B
"A new breed of cybersecurity solutions that leverage AI is required to change the game and stop the rising threat of sophisticated and targeted email attacks."
Story image
Zendesk announces new conversational CRM solutions
“The last few years have made it obvious that digital is the front door, convenience is paramount and relationships are anchored in conversations."
Story image
Workato unveils enhancements to enterprise automation platform
"The extra layer of protection with EKM, zero-logging, and hourly key rotation gives customers a lot more visibility and control over more sensitive data."
Story image
Video: 10 Minute IT Jams - An update from IronNet
Michael Ehrlich joins us today to discuss the history of IronNet and the crucial role the company plays in the cyber defence space.
Story image
Hard numbers: Why ambiguity in cybersecurity no longer adds up
As cybersecurity costs and risks continue to escalate, CEOs continue to struggle with what their investment in cyber protection buys. Getting rid of ambiguity becomes necessary.
Story image
BeyondTrust integrates Password Safe solution with SailPoint
BeyondTrust has announced the integration of BeyondTrust Password Safe with SailPoint identity security offerings.
Story image
Artificial Intelligence
SAS launches human-focused responsible innovation initiative
SAS has launched a responsible innovation initiative, furthering its commitment to equity and putting people first.
Story image
Prophecy International migrates VMware environment with Oracle Cloud Solution
The Adelaide-based global provider is using the solution to eliminate the need to re-write applications, therefore allowing the company to enhance its business operations.
Story image
New digital traffic light system to tackle construction defects
Smarter Defects Management launches its PaaS digital system and says it will revolutionise managing defects in the construction industry.
Story image
Artificial Intelligence
SAS unveils AI experience to improve kids' batting abilities
SAS has created The Batting Lab, an interactive experience using AI, computer vision and IoT analytics to help kids improve their baseball and softball swings.
Story image
Atturra partners with Focus HQ to support Aus organisations
Atturra has executed a partnership agreement with Focus HQ, to resell and support the company's Australian developed SaaS-based portfolio management platform.
Story image
Voxel hits total funding of $18M following ongoing wins
Since raising its seed round in September, Voxel has grown at pace, by decreasing on-site injuries by upwards of 80% and increasing operational productivity.
Story image
Absolute Software expands Secure Access product offering
Absolute Software is enhancing its Secure Access product portfolio, enabling minimised risk exposure and optimised user experiences in the hybrid working environment.
Story image
New SAS service overcomes subscription fatigue for media companies
SAS has launched SAS 360 Match which helps media companies move towards a AVOD model to generate revenue as subscribers cancel.
Story image
Ivanti and Lookout bring zero trust security to hybrid work
Ivanti and Lookout have joined forces to help organisations accelerate cloud adoption and mature their zero trust security posture in the everywhere workplace.
Find out how a behavioural analytics-driven approach can transform security operations with the new Exabeam commissioned Forrester study.
Link image
Story image
Adyen expands partnership with Afterpay as BNPL payments increase
Adyen has expanded its partnership with AfterPay allowing more of Adyen’s merchants in more countries worldwide to use the BNPL provider.
Story image
Grasping the opportunity to rethink the metrics of a sustainable data centre
A data centre traditionally has two distinct operations teams: the Facility Operations team, and the IT Operations team. Collaboration between them is the key to defining, measuring, and delivering long-term efficiency and sustainability improvements.
Story image
Artificial Intelligence
Updates from Google Workspace set to ease hybrid working troubles
Google Workspace has announced a variety of new features which will utilise Google AI capabilities to help make hybrid working situations more efficient and effective.
Story image
HINDSITE wins Aerospace Xelerated Pitch Challenge with solution to support Boeing
Brisbane-based startup HINDSITE was the winner of the first ever Pitch Challenge organised by Aerospace Xelerated in partnership with Queensland XR Hub. 
Story image
Artificial Intelligence
ANU and Seeing Machines to use AI to improve driver safety
The Australian National University and Seeing Machines have won a grant to develop AI systems monitor human behaviour while driving.
Story image
Application Security
What are the DDoS attack trend predictions for 2022?
Mitigation and recovery are vital to ensuring brand reputation remains solid in the face of a Distributed Denial of Service (DDoS) attack and that business growth and innovation can continue.
Story image
A10 Networks finds over 15 million DDoS weapons in 2021
A10 Networks notes that in the 2H 2021 reporting period, its security research team tracked more than 15.4 million Distributed Denial-of-Service (DDoS) weapons.
Story image
Could your Excel practices be harming your business?
While Excel has been the de-facto standard for budgeting, planning, and forecasting, is it alone, enough to support organisations in the global marketplace that’s facing rapid changes due to digital transformation?
Story image
SmartCIC, BICS partner to expand wireless service options
SmarCIC has partnered with BICS to increase choice for organisations using fixed wireless services, expanding existing carrier relationships for its CELLSMART division.
Story image
Google and CSIRO use AI to help protect the Great Barrier Reef
Google has partnered with CSIRO in Australia to implement AI solutions that help protect the Great Barrier Reef.
Story image
Remote Working
How organisations can meet employees' changing expectations
The global employment market has shifted dramatically in favour of employees, sparking the so-called great resignation, in which people are leaving unsatisfying roles in search of greener pastures.
Story image
Fortinet's Security Fabric hits new record for integrations
The Fortinet Security Fabric has surpassed 500 technology integrations with more than 300 Fabric-Ready Technology Alliance Partners.
Story image
Telstra, Google and Accenture launch 5G AR experience for AFL
Telstra, Google and Accenture are developing a new 5G powered augmented reality (AR) experience at Melbourne's Marvel Stadium for the footy season.
Story image
Hawaiki Cable
BW Digital completes acquisition of Hawaiki Submarine Cable
BW Digital has completed its full acquisition of Hawaiki Submarine Cable, with all applicable regulatory filings and approvals now received.
Story image
Cybersecurity starts with education
In 2021, 80% of Australian organisations responding to the Sophos State of Ransomware study reported being hit by ransomware. 
Story image
Talend introduces new data health solutions for businesses
Talend has announced its latest version of Talend Data Fabric, with the release of Talend Trust Score enabling data teams to establish a foundation for data health.
Story image
Decision Inc. Australia enters partnership with Alteryx
Independent data and analytics consultancy Decision Inc. Australia has partnered with automated analytics company Alteryx, expanding its offering to clients.
Story image
Digital Transformation
Unlocking the next digital frontier for educational institutions
Understanding where to invest in technology can be challenging for education institutions, especially after the COVID-19 disruptions.
Story image
Sift shares crucial advice for preventing serious ATO breaches
Are you or your business struggling with Account Takeover Fraud (ATO)? One of the latest ebooks from Sift can provide readers with the tools and expertise to help launch them into the new era of account security.
Story image
SAS Viya on Microsoft Azure to deliver 204% return - study
The Forrester Total Economic Impact study finds SAS Viya on Microsoft Azure brings a 204% return on investment over three years.
Threat actors are exploiting weaknesses in interconnected IT/OT ecosystems. Darktrace illuminates your entire business and takes targeted action to stop emerging attacks.
Link image
Story image
Managed service providers: effective scoping to avoid costly vendor pitfalls
Managed security services are outsourced services focusing on the security and resilience of business networks.
For every 10PB of storage run on HyperDrive vs. comparable alternatives, an estimated 6,656 tonnes of CO₂ are saved by reduced energy consumption alone over its lifespan. That’s the equivalent of taking nearly 1,500 cars off the road for a year.
Link image
Story image
Data Center
Preventing downtime costs and damage with Distributed Infrastructure Management
Distributed Infrastructure Management (DIM) can often be a lifeline for many enterprises that work with highly critical ICT infrastructure and power sources.
Story image
Power at the edge: the role of data centers in sustainability
The Singaporean moratorium on new data center projects was recently lifted, with one of the conditions being an increased focus on power efficiency and sustainability.
Story image
Telstra and Silver Trak Digital delivers 5G to the cinemas
Telstra and Silver Trak Digital say they've launched Australia's fastest and most secure delivery of content over 5G for cinemas.
Story image
Public Cloud
Cloud adoption still a work in progress, NetApp finds
NetApp has announced the results of the annual Cloud Infrastructure Report based on a survey of public cloud business and IT decision makers.