Opinion

Is ‘SexyDefense’ The Future of Anti-Espionage?

At the recent SOURCE Boston conference, one presentation that caught my attention was
called SexyDefense – Maximizing the home-field advantage.

This was quite a thought-provoking presentation that was based on the old concept that offense is always the best defense.

Basically, the idea is to profile your attacker(s) and subsequently modify their attack tools to something that you can silently detect. The premise is that they continue to use their attack tool because they believe they are going undetected.

During the talk, the speaker gave one example of a cryptor which had been marketed as fully undetectable. In reality, there was an anti-virus program which did detect files crypted using this cryptor. As a result, they hacked the server, modified the cryptor to make it truly undetectable statically and added silent detection/protection at their end.

Obviously, there are some very clear ethical and legal issues with this approach.

Those issues aside, this approach forces us to ponder the question: Is this the possible future in the (anti-)espionage era?

When dealing with cyber-espionage you can never have enough intelligence. And this approach is certainly a very interesting one to go about gathering more intel.

I’m not a fan of using vigilante tactics. But as more companies and industries grow increasingly frustrated with cyber-espionage/APT, I do expect to see an increase in the adoption of using offense as defense.

Interesting times.

Is ‘SexyDefense’ The Future of Anti-Espionage?

Your email address will not be published. Required fields are marked *

 

Reports

BlindEagle flying high in Latin America

Kaspersky shares insights into the activity and TTPs of the BlindEagle APT, which targets organizations and individuals in Colombia, Ecuador, Chile, Panama and other Latin American countries.

APT trends report Q2 2024

The report features the most significant developments relating to APT groups in Q2 2024, including the new backdoor in Linux utility XZ, a new RAT called SalmonQT, and hacktivist activity.

Subscribe to our weekly e-mails

The hottest research right in your inbox