Intelligence campaigns in the digital realms

Obiettivo

Many large companies are subject to advanced directed attacks performed by the competence, governments, organized
crime bands, a malicious employee, etc. interested in damaging the company subject of the attack for different reasons.
Cyber criminals grow more sophisticated by the day, and network security architectures are quickly evolving in an attempt to
keep up. Despite recent advances, sophisticated malware authors and cyber criminals are innovating at a faster pace than
security professionals can react to. Attackers are increasingly able to slip past network security applications such as IDSs,
IPSs, next-gen firewalls, and web application firewalls – regardless of how new and comprehensive they are. Thus,
companies can no longer afford to concentrate all of their resources on firewalls and first line of defense systems. They also
need to incorporate “internally focused” solutions such as deception technologies to help identify a criminal while in attack
mode; a criminal that has already bypassed the current state-of-the-art perimeter defenses. The project aims to accelerate
the introduction of the first EU deception tool capable of detecting advanced targeted cyber-attacks, obstructing the actions
of attackers and obtaining the maximum amount of information from them by successfully designing, deploying, monitoring
and managing Counter Intelligence Campaigns. COUNTERCRAFT will allow: To reduce the overall cost of cyberattacks by
50%; to shorten the average computer infection period by 70% from 300 days to 90 days; to reduce the time needed to
effectively design, deploy, monitor and manage counter intelligence campaigns by 80% from 4 hours/day to 48 minutes/day;
to reduce the tendency of COUNTERCRAFT users to be attacked by 60%; to identify the intentions of the attacker; to
leverage “intelligence” information about the attacks to create and distribute indicators of compromise (IOCs); to orchestrate
the cyber-security strategy .

Campo scientifico

• natural sciencescomputer and information sciencessoftwaresoftware applicationssystem softwareoperating systems
• natural sciencescomputer and information sciencescomputer securitymalicious software
• natural sciencescomputer and information sciencescomputer securitydata protection
• natural sciencescomputer and information sciencescomputer securitynetwork security
• social scienceslawcriminology

Programma(i)

• H2020-EU.3.7. - Secure societies - Protecting freedom and security of Europe and its citizens Main Programme
• H2020-EU.2.3.1. - Mainstreaming SME support, especially through a dedicated instrument

Argomento(i)

• SMEInst-13-2016-2017 - Engaging SMEs in security research and development

Meccanismo di finanziamento

Coordinatore