A cybercriminal knows how to break into your environment and secretly looks for something valuable – intellectual property, bank details, business plans, whatever. An intruder sneaks into a certain node of the network to browse through the folders, and suddenly the connection is disconnected. The stolen username and password he bought no longer works.
The attacker unconsciously set a well-hidden trap that revealed his presence, immediately took steps to disconnect him and then blocked his ability to reconnect. Very cool.
The concept of deceptive technology is pretty cool. And this can be a very valuable level of security that comes into play if you can bypass the other levels of security. However, the problem is that only very large companies have been able to use deceptive technology because of the cost and complexity of implementation and maintenance. Unfortunately, SMEs simply do not have the resources and personnel to exploit this valuable technology.
Playground equipment for cheating
Cynet Cyber Security recognizes the great value of fraud technology. So much so that they have integrated cheat technology into their XDR platform (read more about cheating in this article).
In this way, Cynet customers automatically get reliable deception technology pre-integrated into their XDR platform. Simply put: Instead of purchasing anti-fraud technology through existing endpoint protection (NGAV/EDR), you benefit from fraud as part of your endpoint protection solution and other benefits of XDR.
This is an advantage for companies who could not afford to buy anti-fraud technology from a specialized vendor, but also for those who wanted to avoid the headaches of implementing, integrating, operating and maintaining another cyber security solution. At a time when cyber security seems to be becoming increasingly complex and requires more solutions and control, the Cynet approach is a relief.
After the implementation of Cynet XDR, customers simply configure different types of decoding in their environment, that’s all. Three types of decoding are implemented within the platform:
These are decrypted data files and links that an attacker can see for legitimate data files and links. If an attacker opens a file that contains bait data, a warning will be issued with details on how to access the file, such as B. The attacker’s IP address, the victim’s IP address, the host name, and the name of the file.
Customers can use ready-made bait and even make their own bait. Just be careful when naming the file Top Secret Information.docx so that attackers can see that you have fraud technology. Save the filenames as bait using the usual filename methods.
These are bait for user accounts that can be placed on multiple terminals. If an attacker uses bait IDs to connect to one of the bait users, a warning is generated. Again, usernames and account information must simulate the appointments used in your organization.
Adding malicious hosts to your network environment is another way to detect attackers on your network. Decorative elements are valuable systems with which legitimate users interact to perform their tasks. One idea is to create much more bait for the hosts than for the real hosts, and thus take the risk that a successful attacker makes a bad move and exposes his presence – which is the right move from your point of view!
|Example of displaying fraudulent Cynet hosts (in orange) in a network|
Cheating in Platform
It seems that a technology as useful as fraud technology should be deployed as an essential part of any company’s cyber security technology stack. However, the cost and complexity of adding this technology is certainly an obstacle to its widespread adoption. Cynet’s approach, including deception as part of the robust XDR platform, is a game changer. The implementation of deception technology is worthless and can be carried out with a mouse click. And I’m not pretending!
Download here the technical article about kinematic illusion.