Planting a Poison SEAD: Using Social Engineering Active Defense (SEAD) to Counter Cybercriminals

Interacción. Pub Date: 2022-02-12. DOI: 10.31219/osf.io/6xj93
Matthew Canham, Juliet Ruby Tuthill
Citations: 2

Abstract

By nearly every metric, the status quo of information security is not working. The interaction matrix of attacker-defender dynamics strongly favors the attacker, who only needs to be lucky once. We argue that employing social engineering active defense (SEAD) will be more effective at countering malicious actors than maintaining the traditional passive defensive strategy. The Offensive Countermeasures (OCM) approach to defense advocates for three categories of countermeasures: annoyance, attribution, and attack. Annoyance aims to waste the attacker’s time and resources with the objective not only of deterrence but also of increasing the probability of detection and attribution. Attribution attempts to identify who is launching the attack. Gathering as much threat intelligence as possible on who the attacker is provides the best possible defense against future attacks. Finally, attack involves running code on the attacker’s system for the purpose of deterrence and attribution. In this work, we advocate for utilizing similar approaches to deny, degrade, and de-anonymize malicious actors by using social engineering tools, tactics, and procedures against the attackers. Rather than fearing the threats posed by synthetic media, cyber defenders should embrace these capabilities by turning them against criminals. Future research should explore ways to implement synthetic media and automated SEAD methods to degrade the capabilities of online malicious actors.