Active Defense and the Quest to Outsmart Hackers

Fighting cybercrime is growing more expensive. Perpetrating it has never been so easy. How active defense could restore a modicum of symmetry to the cybersecurity field.
  • Written by Brian Buntz
  • 25th July 2018

Imagine you helped to roll out a comprehensive enterprise IoT-based network, and afterward your firm became a victim of a string of cyberattacks. More troubling, you detected a sizable presence of unauthorized individuals who breached your firm’s IoT devices. They are now lurking throughout your network, but you don’t yet know who they are and how long they’ve been there. Are they disgruntled employees? Competitors looking to steal intellectual property? Elite and possibly state-sponsored black hats doing reconnaissance or prepping for an attack? A combination of all of the above? Whatever the case may be, IBM-sponsored research from the Ponemon Institute indicates that organizations that have sizable IoT deployments tend to suffer more financially damaging breaches than those that don’t.

But instead of panicking, what if you responded to this situation with a little bit of schadenfreude, gleefully telling yourself: ‘I’m going hacker hunting!’ You’re not going to do something potentially illegal like hack back, attempting to break into the computers hackers used to attack your network. But you’re going to deceive them, and you are going to set traps and lures for them. In the end, you vow to get a more precise sense of what they are after, and their possible stage of attack. Most importantly, you have a plan for finding them and getting them off your network — much more quickly than you would have otherwise.

Welcome to the world of active defense, which EY defines as “a deliberately planned and continuously executed campaign to identify and eradicate hidden attackers and defeat likely threat scenarios targeting your most critical assets.”

The idea of active defense is gaining traction in the enterprise, with the exception of so-called “hacking back,” which remains controversial. Gartner, in its Continuous Adaptive Risk and Trust Assessment model, recommends deceiving intruders and leveraging machine learning to help spot the bad guys and the data they are looking for. McKinsey has embraced the idea of active defense as essential in the era of advanced cyberthreats. And the Department of Homeland Security is offering active defense tools to the private sector.

Carolyn Crandall, whose de facto title at Attivo Networks is chief deception officer, is also a fan of the concept. “One of the things that I love about deception technologies is that you’re using some of the attackers’ own tactics against them,” she said. “Their whole thing is to come in and act like an employee, using employees’ credentials to navigate. Well, what if you turn that against them, and you make it so they can’t tell what’s real and what’s fake? And they get caught in their own web of lies?”

Such strategies have long been a staple of military and intelligence agency training. It’s only logical that, as cyberattacks become at once easier to deploy and more damaging, the same principle would gain ground in the digital realm. The fact is: Organizations could spend potentially unlimited sums of money on cyber-hygiene technologies and still be breached. And once an attacker is in a network, most organizations fail to detect them for months. And once they do, it can take months to address the problem. The aforementioned Ponemon Institute research finds that U.S. organizations need an average of 197 days to identify attackers and 69 days to contain them.

A big part of that delay, Crandall said, is that organizations are so focused on external defense they don’t tend to have solid processes in place for getting rid of intruders already on the network. The intent to build a cybersecurity “castle” with the “tallest walls” and “deepest moats” with the hope no intruders will get in amounts to wishful thinking. “The shift in paradigm is that, in today’s connected society, you just don’t [keep the bad guys out],” Crandall said. “You have to think about the world as a perimeter-less organization.”

There are several reasons to arrive at this conclusion. There is a proliferation of hacking tools, including hacking-as-a-service, that allow minimally trained individuals to inflict sizable damage. The Internet of Things is increasing the attack surface to include devices as diverse as thermostats, fish tanks, video cameras, lab microscopes and beyond. There is also a rise in nation-state-backed hackers. Finally, even if an organization had the most elite cyber defenses available, insiders, suppliers or a merger with another company could leave it vulnerable.

Crandall said that, while the industry average to detect a breach may be multiple months, it is reasonable to detect cybercriminals mere minutes after they enter the network, and then remediate the problem. “The question becomes: How do you locate that compromise quickly, so it doesn’t become a full breach?” Crandall said. “If you can detect the threats early, you can remove a lot of the hassle of having to do clean up long afterward.”
