Why are endpoints on the network vulnerable?
Every endpoint in a production network is a potential entry point for a hacker. Once on the network, the attacker can use their specialized hacking tools to move on undetected and elevate their privileges, all the way up to administrator. Research shows that attackers can remain on the network for up to several months before conventional security systems detect them.
Which endpoints are most interesting to hackers?
The most interesting endpoints for hackers are those that are poorly monitored or on which the latest software is not or cannot always be installed immediately. They serve as a simple gateway for hackers to navigate their way around the network undisturbed.
Why are IoT devices a popular point of attack?
The basic software of IoT devices is a so-called firmware. It is comparable to the operating systems of computers and servers. In many cases, this firmware is obsolete or is not updated as often, and thus the risk that it presents a vulnerability that an attacker can exploit is significantly higher than with conventional operating systems.
How is an attacker redirected into the Deception environment?
When our Endpoint Deception is active, a hacker will find deliberately placed but false information as he searches the network. As a result of using this false information, this attacker automatically ends up in a perfect replica of the corporate network (the Deception environment) at which point the responsible IT system administrator gets notified via an alert.
Why doesn’t the attacker realize that he is getting false credentials?
The credentials that the attacker receives are intended for actual systems with real operating systems and services, the so-called traps (decoys). Therefore, he can never determine whether these credentials are real or fake because they do not differ in any way from real credentials.
How long do hackers without deception technology remain undetected on the network?
The global average of the so-called “dwell time” was recently estimated at 56 days. With CYBERTRAP Endpoint Deception you can reduce the dwell time of otherwise undetected attackers in your network by up to 97%.