Protecting Your Business Data Using Fake Information

Technology has played a crucial role in allowing us to work from home during the coronavirus pandemic, 
Working remotely with confidential data is is risky under most circumstances and throughout the Coronavirus pandemic there has been an increase in hacking and an increase in the number of companies falling victim to ransomware. 

Cyber criminals have been very quick to adapt their efforts to steal access to information and systems. 

Hackers constantly improve at penetrating cyber defenses to steal valuable documents. So some researchers propose using an artificial-intelligence algorithm to hopelessly confuse them, once they break-in, by hiding the real deal amid a mountain of convincing fakes.

Like regular phishing, spear phishing emails appear to come from a trusted or familiar source. The criminals gather personal information about the target and modify their message to make it look legitimate. Using this critical  information cyber criminals can hack user accounts, email accounts, addresses, names, IP addresses, or take over personal devices. Fraudsters then use the stolen personal details to present themselves as real customers andn use these details to make fraudulent purchases, create fake customer accounts, or manipulate traffic.

If you operate a business online, there are various types of fraudulent activity to be aware of.

  • The most extreme of these include cyberbot attacks, which operate on a massive scale and can access millions of online accounts. 
  • Corporate identity fraud occurs when a fraudster impersonates a legitimate business using fake or stolen company identity and/or financial information to obtain goods, money or services.  
  • A business may be impersonated using phishing emails, bogus websites and/or false invoices. Sometimes a fraudster will even change company details with government agencies such as UK Companies House.

Now an algorithm, called Word Embedding–based Fake Online Repository Generation Engine (WE-FORGE), generates decoys to confuse and frustrate criminals. 

This algorithm can “create a lot of fake versions of every document that a company feels it needs to guard,” says its developer, Dartmouth College cyber security researcher V. S. Subrahmanian. If hackers were after, say, the formula for a new drug, they would have to find the relevant needle in a haystack of fakes. This could mean checking each formula in detail, and perhaps investing in a few dead-end recipes. “The name of the game here is, ‘Make it harder,’” Subrahmanian explains. “‘Inflict pain on those stealing from you.’” 

The system produces convincing decoys by searching through a document for keywords. For each one it finds, it calculates a list of related concepts and replaces the original term with one chosen at random. The process can produce dozens of documents that contain no proprietary information but still look plausible. 

Subrahmanian says he tackled this project after reading that companies are unaware of new kinds of cyber attacks for an average of 312 days after they begin. 

Fraud Advisory Panel:   Met Police:     I-HLS:     NIBusinesInfo:    RightDigitalSolutions:     EmailHippo

If you are unsure how to make your client, financial and operational data totally secure, you should ask an expert in cyber security and digital workflow. Contact Cyber Security Intelligence for  advice and recommendatios on improvi ng your organisation's reslieience.

You Might Also Read: 

Secure Your Personal Email & Social Media Accounts:

 

« International Effort To Reduce Ransomware Attacks
New Report: Average SIEM Deployment Is Over 6 Months »

ManageEngine
CyberSecurity Jobsite
Check Point

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

Backup Technology

Backup Technology

Backup Technology is a world leader in the Online Cloud Backup, Disaster Recovery and Business Continuity market.

Planit Testing

Planit Testing

Planit is a leader in Quality Assurance and a specialist in software testing and training services.

Lares Consulting

Lares Consulting

Lares is a security consulting firm that helps companies secure electronic, physical, intellectual, and financial assets through a unique blend of assessment, testing and coaching.

CLUSIS

CLUSIS

CLUSIS is an association for the information security industry in Switzerland.

ActiveCyber

ActiveCyber

ActiveCyber is a source for news, reviews, learning, and technological innovation in the active cyber defense industry.

Identify Security Software

Identify Security Software

Our mission is to bring in a new age of autonomous human authentication in the security and identity space.

Tier1Asset (T1A)

Tier1Asset (T1A)

T1A is Europe’s leading IT refurbisher. We offer certified data erasure using blancco on site and at our facilities, providing environmentally sound disposal of your used equipment.

Nemko

Nemko

Nemko offers testing, inspection, and certification services worldwide, mainly concerning products and systems, but also for machinery, installations, and personnel.

GLESEC

GLESEC

GLESEC offer a complete range of Cyber Security services from Operations & Intelligence Services to Auditing & Compliance and Simulation and Training.

spriteCloud

spriteCloud

spriteCloud is an independent software testing, test automation and cybersecurity services provider.

SEK Security Ecosystem Knowledge

SEK Security Ecosystem Knowledge

SEK helps companies in the complex path of cybersecurity; in the analysis, detection and prevention of digital threats.

DerSecur

DerSecur

DerSecur has been engaged in advanced technology activities in the field of Application Security since 2011. We offer R&D technology solutions in the field of SAST, DAST and SCA analysis.

Awareness Software Limited (ASL)

Awareness Software Limited (ASL)

As Hosting Specialists, Awareness Software offer practical and affordable hosting solutions including backup and disaster recovery and a range of cybersecurity services.

Telarus

Telarus

Telarus is a Technology Services Brokerage that holds contracts with the world's leading cloud voice, contact center, cybersecurity, mobility and IoT providers.

INT3L

INT3L

The INT3L group (formerly Defentek) is a provider of national security and intelligence solutions, systems and services.

Krash Consulting

Krash Consulting

Krash Consulting is a premier provider of Cyber Security solutions, offering a range of services to safeguard businesses against cyber-attacks, minimize fraud, and protect brand reputation globally.