Protecting Your Business Data Using Fake Information

Uploaded on 2021-10-20 in TECHNOLOGY--Resilience, FREE TO VIEW

Technology has played a crucial role in allowing us to work from home during the coronavirus pandemic, 
Working remotely with confidential data is is risky under most circumstances and throughout the Coronavirus pandemic there has been an increase in hacking and an increase in the number of companies falling victim to ransomware. 

Cyber criminals have been very quick to adapt their efforts to steal access to information and systems. 

Hackers constantly improve at penetrating cyber defenses to steal valuable documents. So some researchers propose using an artificial-intelligence algorithm to hopelessly confuse them, once they break-in, by hiding the real deal amid a mountain of convincing fakes.

Like regular phishing, spear phishing emails appear to come from a trusted or familiar source. The criminals gather personal information about the target and modify their message to make it look legitimate. Using this critical  information cyber criminals can hack user accounts, email accounts, addresses, names, IP addresses, or take over personal devices. Fraudsters then use the stolen personal details to present themselves as real customers andn use these details to make fraudulent purchases, create fake customer accounts, or manipulate traffic.

If you operate a business online, there are various types of fraudulent activity to be aware of.

  • The most extreme of these include cyberbot attacks, which operate on a massive scale and can access millions of online accounts. 
  • Corporate identity fraud occurs when a fraudster impersonates a legitimate business using fake or stolen company identity and/or financial information to obtain goods, money or services.  
  • A business may be impersonated using phishing emails, bogus websites and/or false invoices. Sometimes a fraudster will even change company details with government agencies such as UK Companies House.

Now an algorithm, called Word Embedding–based Fake Online Repository Generation Engine (WE-FORGE), generates decoys to confuse and frustrate criminals. 

This algorithm can “create a lot of fake versions of every document that a company feels it needs to guard,” says its developer, Dartmouth College cyber security researcher V. S. Subrahmanian. If hackers were after, say, the formula for a new drug, they would have to find the relevant needle in a haystack of fakes. This could mean checking each formula in detail, and perhaps investing in a few dead-end recipes. “The name of the game here is, ‘Make it harder,’” Subrahmanian explains. “‘Inflict pain on those stealing from you.’” 

The system produces convincing decoys by searching through a document for keywords. For each one it finds, it calculates a list of related concepts and replaces the original term with one chosen at random. The process can produce dozens of documents that contain no proprietary information but still look plausible. 

Subrahmanian says he tackled this project after reading that companies are unaware of new kinds of cyber attacks for an average of 312 days after they begin. 

Fraud Advisory Panel:   Met Police:     I-HLS:     NIBusinesInfo:    RightDigitalSolutions:     EmailHippo

If you are unsure how to make your client, financial and operational data totally secure, you should ask an expert in cyber security and digital workflow. Contact Cyber Security Intelligence for  advice and recommendatios on improvi ng your organisation's reslieience.

You Might Also Read: 

Secure Your Personal Email & Social Media Accounts:

 

« International Effort To Reduce Ransomware Attacks
New Report: Average SIEM Deployment Is Over 6 Months »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Conscio Technologies

Conscio Technologies

Conscio Technologies is a specialist in IT security awareness. Our solutions allow you to easily manage innovative online IT awareness campaigns.

Seagate Technology

Seagate Technology

Seagate data storage systems are purpose-built for enterprise and data centre performance, scalability, reliability and security.

ThreatHunter.ai

ThreatHunter.ai

ThreatHunter.ai (formerly Milton Security) is a business that tracks down and mitigates attacks in real time using our ARGOS Platform and our Elite Threat Hunters.

Compass Security

Compass Security

Compass Security is a specialist IT Security consultancy firm based in Switzerland. Services include pentesting, security assessments, digital forensics and security training.

Introspective Networks

Introspective Networks

Introspective Networks (IN) is a Cybersecurity company focusing on securing data in the network and automating knowledge work to decrease vulnerability points to critical infrastructure.

Open Information Security Foundation (OISF)

Open Information Security Foundation (OISF)

OISF is a non-profit organization led by world-class security experts, programmers, and others dedicated to open source security technologies.

Secarma

Secarma

Secarma provides penetration testing, security assessments, consultancy, and training services to ensure your digital infrastructure is secure from cybersecurity threats.

Emsisoft

Emsisoft

Emsisoft protects your devices against all types of malware, ransomware and other threats with no-bloat anti-malware & antivirus solutions.

CoverWallet

CoverWallet

CoverWallet combines deep analytics, thoughtful design and state of the art technology to help small businesses with all their insurance needs including Cyber Liability.

Injazat

Injazat

Injazat Data Systems is an industry recognized market leader in the Gulf region for Information Technology, Data Center and Managed Services.

WhiteJar

WhiteJar

WhiteJar offers an innovative approach to modern cybersecurity needs, empowering Ethical Hackers within its unique crowd platform.

MoogleLabs

MoogleLabs

MoogleLabs leverage AI/ML, Blockchain, DevOps, and Data Science to come up with the best solutions for diverse businesses.

Distology

Distology

Distology are an award-winning cloud security distributor bringing a wealth of experience and strong relationships with a huge breadth of partners covering the UK, Ireland and Benelux.

US Department of State - Bureau of Cyberspace & Digital Policy

US Department of State - Bureau of Cyberspace & Digital Policy

The Bureau of Cyberspace and Digital Policy leads and coordinates the Department’s work on cyberspace and digital diplomacy to encourage responsible state behavior in cyberspace.

Nexsan

Nexsan

Nexsan offers versatile and robust data storage solutions tailored to adapt seamlessly across a diverse range of sectors, ensuring reliable performance for critical data management.

CirrusHQ

CirrusHQ

CirrusHQ are a Specialist AWS Advanced Consulting Partner with a focus on Cloud Management, DevOps, Migration and Consulting Services for the private and public sectors.