News NATO experiments with deceptive techniques to fight Russian hackers


xanix

Advanced
Joined
20.10.20
Messages
110
Reaction score
892
Points
93
During a NATO cyber exercise in Estonia on November 16-20, experts practiced catching government-funded hackers using specially set traps.

1,000 people took part in the exercise, which was coordinated by the cyber security Training center under the Estonian Ministry of defense. If the previous exercises were aimed at the simulation of hybrid methods of war, in the current year the participants practiced the use of traps for hackers – Animoto and hanneton.

The trap works as follows. When a "Russian hacker" tries to break into the secure network of a government of a NATO member country, it first identifies a target-a person whose credentials can be stolen in order to gain access to the network and, moving from host to host, collect valuable information. The victim is then sent a phishing email with a malicious link. When the victim clicks on the link, the hacker gains access to the network.

However, in fact, the information stolen by the attacker is of no value and was deliberately provided for theft. But after a hacker has visited the "network", researchers can study its tools and tactics. At the same time, the attacker does not know that he has fallen for the bait and is actually an object for study by NATO specialists.

According to the technical Director for cyberspace at the NATO high command for transformation, Alberto Domingo, this way experts can gather as much information about the enemy as possible. In particular, they can determine who the enemy is, what they are, what their goals are, and what they intend to do next.

If the use of honeypots by private security researchers is not new, then governments have started using them relatively recently. Does NATO Hanioti only in exercises or in real-world scenarios, too, is still unknown.
 
Top Bottom