The Los Angeles Times, has in interesting story, on a new Cybersecurity company:

“CrowdStrike is at the forefront of a new business model for cyber security, one that identifies sophisticated foreign attackers trying to steal U.S. intellectual property and uses the attackers' own techniques and vulnerabilities to thwart them.

The firm is marketing itself as a private cyber intelligence agency, staking out networks to catch infiltrators, assembling dossiers on hackers and fooling intruders into stealing bogus data.”

…

So CrowdStrike uses decoys to lure hackers into a controlled environment so investigators can watch and trace the attack. Sometimes the company feeds hackers false information, as in a case recently when a client was entering negotiations in China and expected to be hacked.

CrowdStrike, which employs Chinese linguists and former U.S. government cyber warriors, also has identified Chinese hackers using clues in their malware. It then profiles them — complete with real names and photos — using information gathered from a variety of sources.

There have been instances, where this technique, of infecting hackers, has been moderately successful.  There are also many more instances where this technique wasn’t so successful.

During a cyber-attack, two questions are frequently asked, “Who?”, and “Why?”  Two things you often do not know, during a cyber-attack incident response, is who, and why.

Clifford Stoll famously wrote of his experience in 1985, tracking down a hacker, in his book, “The Cukoo’s Egg.”  The Kevin Mitnick/Tsutomu Shimomura affair, is more history on the pursuit of a hacker.

Your Name / Email Address
Security Check. Please enter this code Listen to code