Sorry!! The article you are trying to read is not available now.

The Sneaky Ways That Companies Are Getting Even With Hackers

Print comment Post Comments

With increasing cyber attacks that are only getting more sophisticated by the day, some US companies like Facebook (FB) aren’t just getting mad, they’re getting even, Reuters reports.

The new tactics, referred by the cyber security guys as “active defense” or “strike back technology,” employ aggressive offensive strategies, as opposed to defense-only measures that have been the norm.

While some companies have gone as far as illegally hiring contractors to hack into the assailants’ own systems, the majority of businesses fighting back employ more sneaky measures that aim to delay the hacker as well as other forms of subterfuge.

Shawn Jenry, the Former FBI head of cybercrime investigations and current employee of security company CrowdStrike, says that the industry no longer can just repair the damage done after an attack and hope updating some software can prevent future ones.

Instead now, he said, “Not only do we put out the fire, but we also look for the arsonist."

For instance, once the company is onto a hacker who’s breached its network, it doesn’t boot him out right away. Instead, it will try to waste the hacker’s time and resources by keeping him or her in the system as long as possible by teasing them with valuable material which will prove impossible to extract. Some companies will even try to trick the intruder into grabbing dummy files that contain beacons which will later betray info about the hacker’s own machines, a move CrowdStrike co-founder Dmitri Aleprovich doesn’t approve of. Still, he says, companies should fight back.

Facebook, for instance, is known for going on the offensive, as demonstrated last January by the company when it publicly identified some of the Russians behind the destructive “Koobface” virus software.

While going head-head with these guys can be tempting, some experts don’t see any benefits in engaging them in this fashion.

"There is no business case for it,” John Pescatore, an NSA and Secret Service vet and cyber current security specialist, said. “And no possible positive outcome."

In certain high-stake business negotiations, one company may suspect the other of trying to view secret emails and documents. Instead of trying to keep them out, it willl allow the docs to be “stolen” by the competitors. Except the information will be totally fabricated of course, giving the attacked company the upper hand in future talks. (See The Brady Bunch episode “Quarterback Sneak” where Greg pulls a similar scheme on a rival high school football star with a phony playbook.)

After hacking group Lulz Security’s multiple cyber attacks last year on Sony (SNE) -- and the threat against Apple (AAPL) continues to grow -- many insiders hoped the high-profile breach would encourage tougher federal cyber security laws to be passed. So far no luck, but don’t worry because when was the last time Congress failed anybody?
POSITION:  No positions in stocks mentioned.