December 2021: Cyber Deception Month Continues…Today’s Cyber Deception Tools Are Straight Out of Science Fiction
Authored by: Carolyn Crandall, Chief Security Advocate, Attivo Networks
When it comes to predicting the future, the science fiction genre has taken some big swings over the years. Unfortunately, it’s whiffed on quite a few of them. 2001: A Space Odyssey thought we’d be traveling to Jupiter by, well, 2001. Back to the Future thought we would have hoverboards and flying cars by 2015. And Blade Runner theorized that we would have murderous robots indistinguishable from humans by 2019. As cool as a hoverboard might be, leaving it on the cutting room floor alongside the killer robots seems like a fair deal.
But although it’s fun to laugh at a film like The Island, which predicted organ farms full of human clones by 2019, science fiction has also gotten quite a few things right. Properties like Star Trek, long known for their forward-thinking nature, predicted things like mobile phones and tablet computers decades before they appeared in the real world. And although they might not have known it at the time, Star Trek and other major science fiction properties accurately predicted the future of cybersecurity. For today’s networks, perimeter defenses are no longer enough. Defenders have had to get tricky—or downright deceptive. Modern deception technology is an indispensable part of network security, and it thrives on principles that were science fiction just a short time ago.
Accidentally Predicting the Future of Cybersecurity
Science fiction writers may not have cybersecurity in mind when they develop their ideas, but the parallels are impossible to deny. Star Trek alone has no shortage of examples of technologies and tactics that users of deception technology would instantly recognize:
Cloaking Devices: Perhaps the most famous alien race in all of popular culture, Star Trek’s Klingons are known primarily for their forehead ridges and their love of honor. But they are also known for their cloaking devices acquired from the Romulans, which allow them to hide their ships from view and provide a tactical advantage in combat—after all, an enemy ship can’t target what it can’t see. It’s a lesson that today’s cybersecurity experts have taken to heart. Modern cyber deception solutions incorporate data cloaking, which hides sensitive or critical credentials and objects from view when attackers attempt to find them. Today’s attackers will generally attempt to move laterally within the network while looking for valuable data to steal or encrypt. Like a Klingon ship lying in wait, cloaking sensitive data keeps it safe from those with ill intent.
Deceptive Environments: In many ways, Star Trek was an early virtual reality (VR) pioneer. While the show was hardly the first to posit the idea of VR, the Enterprise “holodeck,” capable of rendering realistic virtual environments at will, remains one of the most popular examples of the technology. The idea of a virtual environment that appears real is one with obvious cybersecurity applications. If defenders could lure an attacker into such an environment without their knowledge, they could observe them attempting to carry out their attack and gain valuable insight into their tactics, techniques, and procedures (TTPs). Amid the climax of Star Trek: First Contact, Patrick Stewart’s Jean-Luc Picard lures a pair of enemies into the holodeck to dispatch them. It’s easy to imagine a young cybersecurity professional having a eureka moment while watching the scene.
Technological Breadcrumbs: But how does one lure an enemy into a deceptive environment? Simple: leave them breadcrumbs. Countless times, a fugitive fleeing pursuit on Star Trek might leave a false ion trail or a false warp signature to throw their pursuers off the track. Other times, they might issue a false sensor reading to lure an enemy ship out of position. Modern deception technology works in much the same way: give the attackers something enticing to focus on, and encourage them to do so. A string of seemingly unprotected credentials, data packets, or servers might be just what an attacker seeks. These enticing decoys can lure attackers away from more vulnerable targets and straight into a deceptive environment where defenders can safely monitor them.
Shape Shifters: More than a few races can change their appearance in Star Trek, but perhaps the most famous are Deep Space 9’s Changelings. A notoriously dangerous adversary, the Changelings were known for impersonating their enemies to sow unrest and relay false information. And while spycraft has been around for hundreds (if not thousands) of years, the idea of impersonating a specific individual or entity for subterfuge is an ingenious one. Today’s deception solutions don’t just sit back and wait for attackers to make a mistake. They engage in active defense by impersonating network assets and feeding false and misleading information when queried. An attacker might believe they are querying Active Directory (AD), but the false credentials they receive in response will only give away their presence if they attempt to use them. Like Odo, Deep Space 9’s Changeling constable, today’s defenders can use this power to keep wrongdoers on their toes.
What Might the Future Hold?
Flying cars and jetpacks remain a long way off, and warp-speed travel will have to wait. But it’s easy to forget that many of the things we take for granted today would be technological marvels just a few short years ago. Modern deception solutions are the perfect example of a technology leveraging science fiction ideas and principles to achieve real-world results. Science fiction isn’t just about starships and lasers—it’s about original ideas, creative thinking, and innovative vision. And what could be more symbolic of the modern cybersecurity industry than that?
To learn more about modern deception solutions please request a demo at attivonetworks.com.