The UK’s National Cyber Security Centre (NCSC) recently hosted an unprecedented conference at its London headquarters, bringing together international government partners, UK government officials, and industry leaders.
The focus was on exploring the potential of cyber deception technologies and techniques in bolstering cyber defense.
This initiative aims to establish a comprehensive evidence base for using cyber deception nationally, supporting the Active Cyber Defence 2.0 strategy.
Are you from SOC and DFIR Teams? Analyse Malware Incidents & get live Access with ANY.RUN -> Get 14 Days Free Access
Exploring Cyber Deception Technologies
The NCSC has identified two primary use cases for cyber deception technologies. The first involves low-interaction solutions like digital tripwires and honeytokens, which alert organizations to unauthorized access.
These are intended for deployment by all organizations. The second use case involves both low and high-interaction honeypots, which are designed to collect threat intelligence.
These target organizations with mature security operations and managed cybersecurity service providers.
During the conference, it was acknowledged that the term “deception” might carry uncomfortable connotations, but in this context, it refers to technologies like tripwires, honeypots, and breadcrumbs that detect and observe threat actors.
Ambitious Objectives and Research Goals
The NCSC has set ambitious targets to establish a robust evidence base, including deploying 5,000 instances of low and high-interaction solutions across the UK internet, 20,000 instances within internal networks, 200,000 assets in cloud environments, and 2,000,000 tokens.
The goal is to answer key research questions about the effectiveness of these deployments in discovering latent and new compromises and whether their presence influences threat actor behavior.
The NCSC invites public and private sector organizations to collaborate in this effort by sharing details of their deployments and outcomes. The NCSC is eager to partner with organizations that are implementing cyber deception solutions.
Interested parties can contribute by providing information on the types of solutions used, their integration, and the outcomes achieved. This collaboration will help build a comprehensive evidence base, which the NCSC plans to summarize and publish.
Download Free Cybersecurity Planning Checklist for SME Leaders (PDF) – Free Download