What is Deception Technology?
Deception Technology is an emerging category of Cyber Security defence. It is a category of security tools and techniques that is designed to prevent an attacker who has already entered the network from doing damage.
Deception technology automates the creation of traps (decoys) and/or lures which are mixed among and within existing IT resources to provide a layer of protection to stop attackers that have penetrated the network.
Honeypots were perhaps the first very simple form of deception.
Why Deception Matters?
A History of Deception
Deception has a centuries-old successful history in military warfare. Military doctrine from Sun Tzu, Genghis Khan, Clausewitz, Machiavelli and Chanakya, all the way through the Second World War has stressed the importance of deceiving the enemy to know their plans and thwart their objectives.
Military history is rife with examples of crucial victories, won through subterfuge:
- The Trojan Horse of Troy
Perhaps the most well-known example. The Greeks hid a force of men in a giant wooden horse and feigned retreat. The Trojans pulled the ‘victory trophy’ inside the city gates. That night, the hidden Greek troops crept out of the horse and opened the gates for the rest of their army.
- The Mangudai of the Mongol Army
Genghis Khan’s army relied heavily on light cavalry that would harass the front-lines of the enemy force. They would charge, feign retreat, and draw the enemy towards favourable ground.
- The Ninja’s of feudal Japan
The ninjas represent the ultimate adoption of deception in conflict. Practically every tactic revolved around deceiving the enemy, to the point that ninjas would spread rumours of their supernatural powers. They were masters of disguise and used distraction devices such as smoke grenades to infiltrate heavily fortified installations and seize victory.
- Operation Mincemeat
During the Second World War, the Allies planted a corpse off the coast of Spain with a briefcase containing detailed plans to invade Europe through Greece. The Germans recovered the body and believed the ‘secret’ documents;
making preparations to reinforce Greece. It was considered one of the most successful deception operations in the war.
Information today is the coin of the realm, and as such, using deception and misinformation have never been more topical to modern conflict.
Old Strategies, New Battles
Early in computer security, many attacks were famously thwarted through ingenious deception by the defenders. The most famous examples are Clifford Stoll’s tracking a Russian hacker in the 80’s. The story is told best in his book, The Cuckoo’s Egg
However, as computing evolved and became more complex, this form of active defence was superseded by protective measures — firewalls and anti-virus.
Unfortunately, today’s attacks on computer security have shown that protection is both overrated, and impossible to achieve. The largest organizations, from Target Corp. to J.P. Morgan and Sony have been victims of massive hacks, despite
having every conceivable protection mechanism.
Hackers themselves rely heavily on deception. Social-engineering, or hacking the human, is the number one mechanism used to gain a foothold in the organization.
Why then don’t defenders deploy deception? Up until now it was too hard. Too complex to maintain. That has changed now. Active defence is the future of cyber-security, and organizations that forget the foundational principles of warfare will be on the back-foot in dealing with the most modern form of war.
Market size and adoption
An industry analyst predicted in August 2016 that the deception technology market is currently (in 2016) approximately $50 to $100 million globally, and further predicted $100 million to $200 million in revenue by 2018.
Market Research Media estimates the cumulative deception technology market value at $12 billion (2017 – 2022), growing at about 19% CAGR. [https://www.marketanalysis.com/?p=398]
Introduction to Deception Technologies
by TrapX Security