The Antwerp World Diamond Center (AWDC) heist is one of the most notorious robberies in history. The AWDC used elaborate security mechanisms to protect diamonds, including a private security force, a lock with 100 million possible combinations, infrared heat detectors, a seismic sensor, Doppler radar and a magnetic field. After planning an attack for four years, the thieves ultimately managed to breach every aspect of the preventive defense system. They made off with about $115 million in diamonds, limited not by the number of diamonds they could get their hands on, but by their physical ability to carry them all.
Until now, email has been one of the easiest routes for attackers trying to breach an organization’s security. Email systems span organizations and connect everyone internally. They’re also the most heavily used applications in most organizations. They contain a vast amount of valuable data for an attacker, and the humans who use email are just that—human. They are prone to click on inviting email links or open legitimate-looking file attachments, and when they do, the attacker gains a foothold in the enterprise environment. From there, he works to find email credentials and reach the email servers.
Attackers targeted a large telecom company with thousands of IT devices in its international network and data centers. They managed to compromise a field technician’s laptop through a malicious email attachment, but illusive networks’ Deceptions Everywhere® technology detected it.
Security researchers build their understanding of attackers’ actions slowly—over time and with considerable attention to subtle details. It’s not unusual to examine hundreds or thousands of artifacts to find just one that will shed light on an attacker’s activity.
We see it every day. There’s a widespread misunderstanding about the differences between deception technology and the traditional honeypot method of detecting cyber attackers. Honeypot tactics and deception technology are significantly different—from their underlying basic premise to their levels of effectiveness. Here’s how they differ.