19 Jun 2012
An increase in cybercrime attacks has prompted large companies to adopt active defenses to distract hackers from causing massive security breaches and hire third-party security firms to “strike-back” at assailant's systems, according to security specialists.
With current laws providing little protection, companies are taking aggressive steps in identifying hackers. Fake data that acts as “beacons” is used by companies in luring and identifying cybercriminals.
"There's nothing you can do" to prevent hacking, said Rodney Joffe, senior technologist at Internet infrastructure company Neustar Inc and advisor to the White House on cyber security. Arguing that 162 of 168 largest 500 U.S. companies by revenue were broadcasting classified data to hackers, Joffe emphasized the seriousness of the situation.
"These are examples how we are failing," Hypponen said when talking about malware like Flame or Duqu. "Consumer-grade antivirus you buy from the store does not work too well trying to detect stuff created by the nation-states with nation-state budgets."
Today’s common practice is detecting abnormal behavior and restricting access. Analyzing compromised data to assess damage and intent is recommended in case of security breaches. Having multiple fake versions of a classified document and a single genuine copy is also recommended by security experts.
"There is a reason that people fly halfway around the world to have a one-hour meeting," said Rodney Joffe, concluding that this is the safest way of avoiding data breaches.