This is because the financial sector has always been a favorite target for hackers and will more likely be able to adopt active defense strategies, Eric Chan, regional technical director of Fortinet Southeast Asia and Hong Kong, explained. They also have high IT security budgets and are risk-averse, so they will be likely to consider them, he said.
However, among the enterprises that have the resources to dedicate to robust and complex defenses, there is a gradual move from honeypots to using more sophisticated active defense methods, Steinberg noted. Such methods include developing new technologies that mislead hackers, or coming up with false information to lure hackers down dead ends and away from organization’s critical information, he explained.
Other than in India, the technology, called Intrusion Deception software, has already been adopted by many private and government organizations worldwide, according to David Koretz, vice president and general manager of Mykonos Software, which Juniper Networks had bought for US$80 million in February last year. “In real life, almost every government has a traditional military defense like Army, Air Force and Navy, but there is also a secretive, deceptive group of spies and undercover organizations thwarting attacks before they are ever launched…. In real life, almost every government has a traditional military defense like Army, Air Force and Navy, but there is also a secretive, deceptive group of spies and undercover organizations thwarting attacks before they are ever launched,” Koretz said.
Moving forward, Steinberg expects more sophisticated active defense methods to be adopted by organizations and the move away from honeypots. Honeypots are merely “bait”, but enterprises today want to feel like they are able to fight back against hackers instead of passively defending themselves, he said. “they can start with low-interaction honeypots, such as a facade, which is a lightweight form of honeypot and most often implemented as a software emulation of a target service or application.”
In order for companies to effectively adopt active defenses, they should combine the use of both “the bait and the strategy”, Steinberg pointed out. Both honeypots, new technologies to mislead hackers and new strategies should be used together for a complete strategy, he explained.
Link: http://www.zdnet.com/enterprises-using-new-tech-to-deceive-hackers-7000010403/