Monday, January 13, 2025

NCSC to Build Nation-Scale Evidence Base for Cyber Deception


The UK’s National Cyber Security Centre (NCSC) recently hosted an unprecedented conference at its London headquarters, bringing together international government partners, UK government officials, and industry leaders.

The focus was on exploring the potential of cyber deception technologies and techniques in bolstering cyber defense.

This initiative aims to establish a comprehensive evidence base for using cyber deception nationally, supporting the Active Cyber Defence 2.0 strategy.


Exploring Cyber Deception Technologies

The NCSC has identified two primary use cases for cyber deception technologies. The first involves low-interaction solutions such as digital tripwires and honeytokens, which alert organizations to unauthorized access. These are intended for deployment by all organizations.

The second use case involves both low- and high-interaction honeypots, which are designed to collect threat intelligence. These are aimed at organizations with mature security operations and at managed cybersecurity service providers.

During the conference, it was acknowledged that the term “deception” might carry uncomfortable connotations, but in this context, it refers to technologies like tripwires, honeypots, and breadcrumbs that detect and observe threat actors.

Ambitious Objectives and Research Goals

The NCSC has set ambitious targets to establish a robust evidence base, including deploying 5,000 instances of low- and high-interaction solutions across the UK internet, 20,000 instances within internal networks, 200,000 assets in cloud environments, and 2,000,000 tokens.

The goal is to answer key research questions about the effectiveness of these deployments in discovering latent and new compromises and whether their presence influences threat actor behavior.

The NCSC invites public and private sector organizations to collaborate in this effort by sharing details of their deployments and outcomes. The NCSC is eager to partner with organizations that are implementing cyber deception solutions.

Interested parties can contribute by providing information on the types of solutions used, their integration, and the outcomes achieved. This collaboration will help build a comprehensive evidence base, which the NCSC plans to summarize and publish.


Divya
Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.
