As cyber threats continue to evolve and become more elaborate, companies of all sizes are being challenged to protect their critical business data. And as ransomware grows in sophistication, the need for security controls to keep pace with these threats becomes more inherently important. The priority for most businesses is to fortify their perimeter defenses to prevent intrusions altogether. However, in the current landscape, a multi-layered approach is needed for comprehensively protecting data – one that doesn’t just focus on preventing breaches, but also responding in worst case scenarios.
The Need for Deception Technology
No company boundary is impenetrable. That’s why to achieve the strongest security posture to protect data against ransomware attacks, organizations need multi-faceted tools that work across multiple phases in the attack chain – including when a successful breach occurs. Although commonly underutilized, modern deception technology can play a critical role in early detection of silent and zero-day threats that successfully bypass conventional security tools. Modern cyber deception is defined as an active defense technology and provides businesses with a powerful one-two-punch: first slowing attacks down by diverting bad actors in your network toward fake assets and, second, simultaneously providing high-fidelity alerts about attacks in progress for faster remediation.
More Than Honeypots
For many, the first thing that comes to mind when they hear “deception” is the conventional application of honeypots. Honeypots are a longstanding form of deception that is traditionally used for intelligence purposes. Honeypots are decoy systems used to lure hackers into attacking a fictitious system that appears real, helping businesses learn from bad actors and their tactics. Honeypots have value, but they can be a handful. They take time and expertise to build and they consume compute, storage, and software licenses. For those reasons, you might see only a few in a data center. Deception is a far better approach. Decoys see things that traditional tools simply cannot see. In talking to many, many CISOs over the years, I found that most of them want deception, but not all of them have the resources to practice deception at scale. If only there was an easier way.
Next generation deception with Metallic® ThreatWise™
Metallic® ThreatWise™ changes the game in data protection through specialized, next-generation deception. Using patented technology, ThreatWise™ baits and exposes bad actors to neutralize silent attacks and flag bad actors during recon, discovery, and lateral movement. Unlike honeypots , ThreatWise™ is lightweight, rapidly configurable, and designed to engage threats. By deploying decoys in bulk, ThreatWise™ quickly blankets surface areas and networks with deceptive assets that look like and behave like real resources. Think of these false assets as trip wires that, when touched by a bad actor, signal immediate alerts to the business. ThreatWise™ decoys are also highly versatile and realistic and can mimic a wide variety of resources including workstations, databases, network assets, IoT devices, or nearly any other highly specialized resources that are unique to your business or industry. This unrivaled realism tricks hackers into compromising and interacting with false resources, while unknowingly exposing their presence - helping businesses kick start remediation efforts before attacks reach their targets. Unlike honeypots, ThreatWise™ enables you to lure cyber threats down a rabbit hole, away from invaluable data and assets.
By Steve Preston, VP Metallic Security Services, Commvault