Cyberspace has become the new frontier for next-generation battle. As hackers launch more sophisticated attacks, security researchers are racing against time to develop effective cyber defences. Now, experts have developed a new system that could deter hackers like never before. HADES (High-fidelity Adaptive Deception & Emulation System) is the new next-gen cyber-defensive system – an "alternate reality" that has been designed to trick hackers into exposing their tools and techniques by making them believe that their attacks are progressing successfully.
HADES is the brainchild
of security researchers at Sandia National Laboratories. It is essentially a
system, which clones the targeted environment a hacker aims to breach.
When an attack isdiscovered, instead of immediately cutting off a hacker's access
into the system, the attacker is lured into HADES. The alternate reality
provided by HADES allows the hacker is to carry out the attack, without
alerting him/her about already having been detected.
HADES also provides security experts with a unique opportunity
to analyse hackers' techniques and tools in real time.
"Deception is the future of cyber defense," security
researcher Vince Urias, who along with his team, created HADES, said in a
statement. "Simply kicking a hacker out is next-to-useless. The hacker has
asymmetry on his side; we have to guard a hundred possible entry points and a
hacker only needs to penetrate one to get in."
So, a hacker may report to his handler that he or she has
cracked our system and will be sending back reports on what we're doing. Let's
say they spent 12 months gathering info. When they realize we've altered their
reality, they have to wonder: at what point did their target start using
deception, at what point should they not trust the data? They may have received
a year or so of false information before realizing something is wrong,"
Urias explains.
By the time the attackers eventually figures out that something
is wrong, they would have already exposed their methods and tools. "Then
he's like a goldfish fluttering in a bowl," Urias said , "He exposes
his techniques and we see everything he does."
However, HADES has one disadvantage – the more complex the
deceptive environment, the more CPU power and memory resources required to
deploy the system.
HADES has already allowed security experts to locate malware
introduced into a system by an attacker and is capable of active attack. The US
Department of Homeland Security (DHS) is working with Sandia to deploy it.
The unique system may be helpful in barricading against threats,
while simultaneously gathering information on adversaries.
No comments:
Post a Comment