Protecting Your Business Data Using Fake Information

Uploaded on 2021-10-20 in TECHNOLOGY--Resilience, FREE TO VIEW

Technology has played a crucial role in allowing us to work from home during the coronavirus pandemic, 
Working remotely with confidential data is is risky under most circumstances and throughout the Coronavirus pandemic there has been an increase in hacking and an increase in the number of companies falling victim to ransomware. 

Cyber criminals have been very quick to adapt their efforts to steal access to information and systems. 

Hackers constantly improve at penetrating cyber defenses to steal valuable documents. So some researchers propose using an artificial-intelligence algorithm to hopelessly confuse them, once they break-in, by hiding the real deal amid a mountain of convincing fakes.

Like regular phishing, spear phishing emails appear to come from a trusted or familiar source. The criminals gather personal information about the target and modify their message to make it look legitimate. Using this critical  information cyber criminals can hack user accounts, email accounts, addresses, names, IP addresses, or take over personal devices. Fraudsters then use the stolen personal details to present themselves as real customers andn use these details to make fraudulent purchases, create fake customer accounts, or manipulate traffic.

If you operate a business online, there are various types of fraudulent activity to be aware of.

  • The most extreme of these include cyberbot attacks, which operate on a massive scale and can access millions of online accounts. 
  • Corporate identity fraud occurs when a fraudster impersonates a legitimate business using fake or stolen company identity and/or financial information to obtain goods, money or services.  
  • A business may be impersonated using phishing emails, bogus websites and/or false invoices. Sometimes a fraudster will even change company details with government agencies such as UK Companies House.

Now an algorithm, called Word Embedding–based Fake Online Repository Generation Engine (WE-FORGE), generates decoys to confuse and frustrate criminals. 

This algorithm can “create a lot of fake versions of every document that a company feels it needs to guard,” says its developer, Dartmouth College cyber security researcher V. S. Subrahmanian. If hackers were after, say, the formula for a new drug, they would have to find the relevant needle in a haystack of fakes. This could mean checking each formula in detail, and perhaps investing in a few dead-end recipes. “The name of the game here is, ‘Make it harder,’” Subrahmanian explains. “‘Inflict pain on those stealing from you.’” 

The system produces convincing decoys by searching through a document for keywords. For each one it finds, it calculates a list of related concepts and replaces the original term with one chosen at random. The process can produce dozens of documents that contain no proprietary information but still look plausible. 

Subrahmanian says he tackled this project after reading that companies are unaware of new kinds of cyber attacks for an average of 312 days after they begin. 

Fraud Advisory Panel:   Met Police:     I-HLS:     NIBusinesInfo:    RightDigitalSolutions:     EmailHippo

If you are unsure how to make your client, financial and operational data totally secure, you should ask an expert in cyber security and digital workflow. Contact Cyber Security Intelligence for  advice and recommendatios on improvi ng your organisation's reslieience.

You Might Also Read: 

Secure Your Personal Email & Social Media Accounts:

 

« International Effort To Reduce Ransomware Attacks
New Report: Average SIEM Deployment Is Over 6 Months »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall And Why Does It Matter

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall And Why Does It Matter

See how to use next-generation firewalls (NGFWs) and how they boost your security posture.

NATO Cooperative Cyber Defence Centre (CCDCOE)

NATO Cooperative Cyber Defence Centre (CCDCOE)

NATO CCDCOE's mission is to enhance the capability, cooperation and information sharing among NATO, NATO nations and partners in cyber defence.

Mobile Guroo

Mobile Guroo

Mobile Guroo is a strategy and systems integrator for Enterprise Mobility Management projects.

InfoWatch

InfoWatch

InfoWatch solutions allow you to protect data and information assets that are critically important to your business.

SISSDEN

SISSDEN

SISSDEN will improve cybersecurity through the development of increased awareness and the effective sharing of actionable threat information.

SySS

SySS

SySS is a market leader in penetration testing in Germany and Europe.

Center for Long-Term Cybersecurity (CLTC)

Center for Long-Term Cybersecurity (CLTC)

The Center for Long-Term Cybersecurity is developing and shaping cybersecurity research and practice based on a long-term vision of the internet and its future.

Very Good Security (VGS)

Very Good Security (VGS)

VGS is the modern approach to data security. Our SaaS solution gives you all the benefits of interacting with sensitive and regulated data without the liability of securing it.

Sky Data Vault

Sky Data Vault

Sky Data Vault provide the simplest and most cost effective method of Disaster Recovery / Business Continuity for mission critical systems and applications.

Global Lifecycle Solutions EMEA (Global EMEA)

Global Lifecycle Solutions EMEA (Global EMEA)

Global EMEA provides full lifecycle services to corporate Clients covering procurement, configuration, support, maintenance and end-of-life asset management.

Huntress Labs

Huntress Labs

Huntress provides managed threat detection and response services to uncover and address malicious footholds that slip past your preventive defenses.

CYDES

CYDES

CYDES is the first event in Malaysia to showcase advanced solutions and technologies to address cyber defence and cyber security challenges for the public and private sectors.

Ensighten

Ensighten

Ensighten is a leader in Website Security & Privacy Compliance. Protect your website from malicious attacks, monitor & detect vulnerabilities, protect consumer data.

Cyphra

Cyphra

Cyphra’s team provide cyber security consulting, technical and managed services expertise and experience to support your organisation.

Saporo

Saporo

Saporo helps organizations increase their cyber-resistance. Continuously map your attack surface and get the recommendations you need to make your organization more resistant to attacks.

Bugv

Bugv

Bugv is a crowdsourcing cybersecurity platform powered by human intelligence where we connect businesses with cyber security experts, ethical hackers, bug bounty hunters from all around the world.

European Union Agency for Network and Information Security (ENISA)

European Union Agency for Network and Information Security (ENISA)

The European Union Agency for Cybersecurity, ENISA, is the Union’s agency dedicated to achieving a high common level of cybersecurity across Europe.