Hacking the hackers

[thai tech]

Hacking the hackers

Let hackers in: Experts say traps might be better than walls

SEOUL, South Korea (AP) — Ever since the Internet blossomed in the 1990s, cybersecurity was built on the idea that computers could be protected by a digital quarantine. Now, as hackers routinely overwhelm such defenses, experts say cybersecurity is beyond due an overhaul.

Their message: Neutralize attackers once they’re inside networks rather than fixating on trying to keep them out.

First they need to convince a conservative business world to gamble on a different approach. And having sold generations of defensive systems that consistently lagged the capabilities of the most advanced hackers, the industry itself must overcome skepticism it’s flogging another illusion of security.

According to U.S. cybersecurity company FireEye, 229 days is the median length of time attackers lurk inside their victim’s computers before being detected or revealing themselves, underscoring the weakness of conventional tools in identifying sophisticated intruders.

The traditional defenses must “have a description of the bad guys before they can help you find them,” said Dave Merkel, chief technology officer at FireEye Inc. “That’s just old and outmoded. And just doesn’t work anymore,” he said.

“There’s no way to guarantee that you never are the victim of cyberattack.”

Merkel said in the worst case he knows of, attackers hid themselves for years.

Experts aren’t recommending organizations stop deploying perimeter defenses such as antivirus software or firewalls that weed out vanilla threats. But they say a strategy that could be likened to laying traps is needed to counter the sophisticated hacks that can cause huge losses.

Read more: http://tech.thaivisa.com/hacking-hackers/4351/

[Chicog]

Is that supposed to be innovative?

[RichCor]

Honeypots have been in existence for as long as I can remember.

Decoyports redirecting to a fake system. Labyrinth and security walls protecting fake data. Keep the kiddies occupied.

I wish Thai Tech could write about something relevant, or even interesting.

[Chicog]

Honeypots have been in existence for as long as I can remember.

Decoyports redirecting to a fake system. Labyrinth and security walls protecting fake data. Keep the kiddies occupied.

I wish Thai Tech could write about something relevant, or even interesting.

Maybe if they copied something interesting.....

[rabid old goat]

heres something interesting > http://news.xinhuanet.com/english/china/2015-02/10/c_133983279.htm

[IMHO]

Hehehe, yeah honeypots are new, right

Some companies make whole business models just around running honeypots: http://map.ipviking.com/

[rabid old goat]

heres something interesting > http://news.xinhuanet.com/english/china/2015-02/10/c_133983279.htm

and more http://www.bloombergview.com/articles/2015-02-11/china-will-pay-for-huge-qualcomm-fine (given the source you have to sift the propaganda)

[Xircal]

There's another problem which causes headaches in trying to track down hackers. It's called Fast Flux which is often used by botnets and the like. It works by changing the DNS record within seconds of loading making it very difficult to track down the origin.

You need a large number of dedicated resources to devote full time to the task which is outside the realm of most companies budgets.

[phazey]

Honeypots have been in existence for as long as I can remember.

Decoyports redirecting to a fake system. Labyrinth and security walls protecting fake data. Keep the kiddies occupied.

I wish Thai Tech could write about something relevant, or even interesting.

This. We see so much activity on our HP's.

[Chicog]

There's another problem which causes headaches in trying to track down hackers. It's called Fast Flux which is often used by botnets and the like. It works by changing the DNS record within seconds of loading making it very difficult to track down the origin.

You need a large number of dedicated resources to devote full time to the task which is outside the realm of most companies budgets.

That's nigh on ten years old.