Skip to main content

Article Category

Article available in the folowing languages:

Pioneering platform fools cyberattackers to protect large companies

For advanced cyberattacks, enterprises need to incorporate solutions like deception technologies because they can no longer afford to concentrate all their resources on firewalls and similar systems. An EU initiative has introduced a deception tool to detect targeted cyberattacks, stopping attackers while obtaining the maximum amount of information from them.

Digital Economy
Security

Private and public sector organisations are experiencing continuous cyberattacks from more and more determined and sophisticated cybercriminals. Keeping them out of an organisation’s defences is simply not possible, as they’ll eventually find a crack to get in. The EU-funded CounterCraft project accelerated the market introduction of a cyber deception platform that enables organisations to be one step ahead of criminals and attackers by investigating what information is being gathered, their motives and techniques used to penetrate defences.

Leading innovation in emerging deception technology

“This solution – a pioneer in Europe – is used in large organisations and creates a highly credible environment that mimics an entity’s existing network, systems and naming conventions,” says David Barroso, founder and CEO of the eponymous company that coordinated the project. “External adversaries and malicious insiders can’t tell the difference between real and false assets.” When these cybercriminals engage with false information, fake systems and decoy identities, they trigger immediate genuine alerts that help threat hunters and security teams investigate and control the attack. CounterCraft greatly contributed to developing a new version of the product. They designed advanced features and adapted it to customers’ security life cycles. The team also scaled up the tool to other operating systems and mobile devices. It can be implemented worldwide through certified partner companies. According to Barroso, the cyber deception platform is the first product that automates the design, implementation, supervision and maintenance of cyber deception campaigns across an organisation’s entire spectrum of digital assets. These include servers, mobile phones, web applications, mobile applications, wifi access points, supervisory control and data acquisition networks, emails and social media profiles. “This automation has the potential to reduce counter-intelligence costs by up to 95 % compared to manual techniques.” Users are able to develop adaptive and sophisticated responses to cyberattacks. The innovation allows them to detect sophisticated attacks that have bypassed existing controls, redirect attackers out of the production environment and deliver advanced threat behaviour modelling to organisations in real time. “The product is unique as it delivers the ability – in an automated fashion – to craft bespoke deception campaigns both internal and external to an organisation, thereby allowing any business to adjust its defences to the current threat landscape,” explains Barroso. In addition to threat detection and response, the product also provides integrated proactive threat hunting and active attacker engagement.

Ambitious go-to-market strategy

CounterCraft has showcased their disruptive technology at key cybersecurity trade shows and events worldwide. Along the way, it garnered several prestigious international awards for most innovative product, service or security system. Creating strong sales channels have helped make the product a commercial success. CounterCraft operates in more than 20 Fortune 500 Index companies globally, including financial institutions, retail and industrial companies, governments and law enforcement agencies that use the cyber deception platform to improve security. “International deals have been struck that demonstrate the solution’s strength and interest in this new cybersecurity approach,” concludes Barroso.

Keywords

COUNTERCRAFT, threat, cyberattacks, cyber deception platform, cybercriminals, cybersecurity, digital assets

Discover other articles in the same domain of application