Excerpted from the ebook “Deception and Counter Deception: Moving Target Attacks vs. Moving Target Defense” by Mordechai Guri, Chief Science Officer at Morphisec. Download the full eBook here.
In the arms race between cyber attackers and cyber defense technologies, attackers currently claim control. They employ sophisticated deception techniques designed to evade traditional and even “next generation” defense mechanisms, for example by hiding malicious behavior and disguising it as benign or unknown behavior. We outlined these techniques, collectively known as Moving Target Attacks (MTA), in our previous blog post. But there is a cyber defense strategy that breaks the attack-patch cycle. Moving Target Defense (MTD) uses counter-deception techniques that constantly change the target surface, so that attackers can’t get a foothold.
There are three main categories of MTD:
All of these techniques are intended to morph the target, making it unfamiliar to the attacker. MTD forces the attacker to learn the target over and over again, increasing the likelihood of discovery and making attacks costly and unfeasible.
By using deception and MTA, attackers had the upper hand by camouflaging their next moves. The new MTD paradigm turns the tables by making the attacker operate in an uncertain and unpredictable environment. MTD at the OS and Application levels holds particular promise, as a successful attack depends on accurate information about the targeted operating system and application.
The new ebook Deception and Counter Deception: Moving Target Attacks vs. Moving Target Defense, Morphisec's Chief Science Officer Mordechai Guri analyzes how the latest MTA attack techniques evade current defense mechanisms and explores Moving Target Defense (MTD) countermeasures. Guri also explores the advantages of this new paradigm in regaining the upper hand in the struggle against cyberattacks. To learn more, download the full eBook here.