Three (Totally Legal) Strategies for ‘Fighting Back’ Against Cybercriminals
The idea of ‘fighting back’ against hackers is both scary and risky business. Most security professionals would strongly advise against it, in part because one false move could land you behind bars. But ‘fighting back’ doesn’t have to translate into attacking an attacker’s IP address, setting up lethal traps for hackers, or purposely damaging systems--it’s about defending your own networks, while working to identify and gather evidence of the attack and attackers.
Tenable’s Paul Asadoorian will be presenting alongside John Strand, Senior Instructor with the SANS Institute, on this topic at RSA today, March 1, 2012. They’ll share practical advice on how to responsibly integrate offensive measures into your network security strategies. They’ll also cover legal considerations, relevant case studies of people and organizations that strategically (and legally) fought back, sensible techniques, and strategies for determining if offensive countermeasures are right for you.
Here’s a quick look at three ‘offensive’ strategies Paul and John will cover in the presentation:
- Annoyance: The presentation will include tips on how to set HoneyPot traps, find vulnerabilities with hacker’s tools and build those exploits into your websites, set up infinitely recursive directories that send scripts into an endless loop, and set traps for malicious spiders (while gently nudging Googlebots away from danger). Ruining a hacker’s afternoon is certainly fun, but its serves a practical purpose, too--preventing cybercriminals from effectively scanning and monitoring your systems.
-
Attribution: Gaining insight on your attacker puts you in a better position to defend your network, and arms attorneys with the evidence they need. Paul and John will share techniques to get the info you need, and more importantly, make sure that your traps aren’t giving hackers a launch pad for additional attacks.
-
Attack: The goal is to get inside and collect information on what the attacker is doing. They’ll show you how to get a hacker to load a ‘malicious’ Java Application (with non-damaging commands), and prevent the hackers from redirecting your users.
Disclaimer: Before you test out these strategies for fighting back, consult with your company’s legal and management teams. Going rogue can be fun; it can also get you in serious trouble if you’re not careful.
Related Articles
Cybersecurity Snapshot: Many Employees Overshare Work Info with AI Tools, Report Finds, as ‘Cybersecurity Awareness Month’ Kicks Off
October 4, 2024Check out the best practices cyber agencies are promoting during Cybersecurity Awareness Month, as a report warns that staffers are feeding confidential info to AI tools. Meanwhile, a study highlights how business decisions can derail OT security. Plus, get the latest on Active Directory security, CISO salary trends and ransomware attacks!
How to Unlock Advanced IoT Visibility for Cyber-Physical Systems
October 1, 2024As the number of IoT devices deployed globally continues to rise, cyber-physical systems and business operations are exposed to greater risk. Improving asset visibility, monitoring and risk management are critical steps to preventing breaches.
Cybersecurity Snapshot: NIST Program Probes AI Cyber and Privacy Risks, as U.S. Gov’t Tackles Automotive IoT Threat from Russia, China
September 27, 2024A new NIST program will revise security frameworks like NIST’s CSF as AI risks intensify. Plus, the U.S. may ban cars with Russian and Chinese IoT components. Meanwhile, the CSA adds AI insights to its zero trust guide. And get the latest on cybersecurity budgets, SBOMs and the Ghost cybercrime platform!