Protecting Your Business Data Using Fake Information

Uploaded on 2021-10-20 in TECHNOLOGY--Resilience, FREE TO VIEW

Technology has played a crucial role in allowing us to work from home during the coronavirus pandemic, 
Working remotely with confidential data is is risky under most circumstances and throughout the Coronavirus pandemic there has been an increase in hacking and an increase in the number of companies falling victim to ransomware. 

Cyber criminals have been very quick to adapt their efforts to steal access to information and systems. 

Hackers constantly improve at penetrating cyber defenses to steal valuable documents. So some researchers propose using an artificial-intelligence algorithm to hopelessly confuse them, once they break-in, by hiding the real deal amid a mountain of convincing fakes.

Like regular phishing, spear phishing emails appear to come from a trusted or familiar source. The criminals gather personal information about the target and modify their message to make it look legitimate. Using this critical  information cyber criminals can hack user accounts, email accounts, addresses, names, IP addresses, or take over personal devices. Fraudsters then use the stolen personal details to present themselves as real customers andn use these details to make fraudulent purchases, create fake customer accounts, or manipulate traffic.

If you operate a business online, there are various types of fraudulent activity to be aware of.

  • The most extreme of these include cyberbot attacks, which operate on a massive scale and can access millions of online accounts. 
  • Corporate identity fraud occurs when a fraudster impersonates a legitimate business using fake or stolen company identity and/or financial information to obtain goods, money or services.  
  • A business may be impersonated using phishing emails, bogus websites and/or false invoices. Sometimes a fraudster will even change company details with government agencies such as UK Companies House.

Now an algorithm, called Word Embedding–based Fake Online Repository Generation Engine (WE-FORGE), generates decoys to confuse and frustrate criminals. 

This algorithm can “create a lot of fake versions of every document that a company feels it needs to guard,” says its developer, Dartmouth College cyber security researcher V. S. Subrahmanian. If hackers were after, say, the formula for a new drug, they would have to find the relevant needle in a haystack of fakes. This could mean checking each formula in detail, and perhaps investing in a few dead-end recipes. “The name of the game here is, ‘Make it harder,’” Subrahmanian explains. “‘Inflict pain on those stealing from you.’” 

The system produces convincing decoys by searching through a document for keywords. For each one it finds, it calculates a list of related concepts and replaces the original term with one chosen at random. The process can produce dozens of documents that contain no proprietary information but still look plausible. 

Subrahmanian says he tackled this project after reading that companies are unaware of new kinds of cyber attacks for an average of 312 days after they begin. 

Fraud Advisory Panel:   Met Police:     I-HLS:     NIBusinesInfo:    RightDigitalSolutions:     EmailHippo

If you are unsure how to make your client, financial and operational data totally secure, you should ask an expert in cyber security and digital workflow. Contact Cyber Security Intelligence for  advice and recommendatios on improvi ng your organisation's reslieience.

You Might Also Read: 

Secure Your Personal Email & Social Media Accounts:

 

« International Effort To Reduce Ransomware Attacks
New Report: Average SIEM Deployment Is Over 6 Months »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Muninn

Muninn

At Muninn (aka Wehowsky), we specialize in mitigating potential risks within your network, providing one of the leading network detection and response (NDR) solutions on the market.

Data Resolve Technologies

Data Resolve Technologies

Data Resolve offer a mechanism through which customers can detect and tackle various kinds of sensitive activities pertaining to data loss and data theft.

Learning Tree International

Learning Tree International

Learning Tree's comprehensive cyber security training curriculum includes specialised IT security training and general cyber security courses for all levels of your organisation including the C-suite.

GM Security Technologies

GM Security Technologies

GM Security Technologies provides leading managed security services of the highest quality to every type of individual and organization in Puerto Rico, Caribbean and Latin America.

SWAT Systems

SWAT Systems

SWAT Systems is an IT support and cyber security managed service provider.

Huntington Ingalls Industries (HII)

Huntington Ingalls Industries (HII)

Huntington Ingalls Industries is America’s largest military shipbuilding company and a provider of professional services to partners in government and industry.

NASK SA

NASK SA

NASK SA is an integrator of telecommunications services. We provide advanced ICT security services, collocation and hosting, data centre services, and build corporate networks.

Def-Logix

Def-Logix

Def-Logix was founded in 2008 to help solve cyber threats being experienced by government agencies of the United States.

Babble

Babble

Babble is a Unified Comms, Contact Centre and Cyber Solutions provider. We believe in making next-generation technology simple to use, deploy and manage.

Scybers

Scybers

Scybers are a global cybersecurity advisory and managed services company. With our deep expertise, we help our clients reduce their cyber risks with confidence.

Safe Decision

Safe Decision

Safe Decision is an information technology company offering Cyber Security, Network, and Infrastructure Services and Solutions.

Parablu

Parablu

Parablu is a leading provider of data security and resiliency solutions for the digital enterprise.

Covenant Technologies

Covenant Technologies

Make Covenant Technologies the only choice for your IT and cybersecurity recruitment needs. We deliver quality candidates at the forefront of the cybersecurity and IT industry.

DIGISOC

DIGISOC

DIGISOC, a leader in Latin America in Cybersecurity solutions, combines machine learning with human intelligence to be effective in detecting cyber threats.

Token

Token

Token is changing the way our customers secure their organizations by providing passwordless, biometric, multifactor authentication.

MadWolf Technologies

MadWolf Technologies

MadWolf’s mission is to deliver enterprise-quality managed services and focused applications to organizations operating in the non-profit, association and international development sectors.