The research department at TopSpin Security conducted an experiment to investigate the performance of deception technologies in a simulated corporate environment in which more than 50 professional hackers and security experts used their knowledge and skills to try to extract a pre-defined piece of data and stay undetected. The experiment sought to answer a number of questions, including: 1) What kind of attacker will be attracted to what different type of resources (traps)? 2) What deception mechanisms should the defending organization employ? 3) Where should they be placed? 4) What kind of traps should be used Every attack pattern was carefully monitored and upon completion the data logged was analyzed and aggregated. Trends, attack patterns and statistics were derived from the data logged.

From the report, “Today, there are a great many detection (identification and tracking) tools. However, there is not enough emphasis on trapping, resulting in a lack of effective trapping tools and techniques. An effective technique for automating the tracking of cyber attackers and, once found, trapping them, is deception. When implemented well, deception can automate and scale the hunting process, accurately identifying and tracking attackers, and trapping them to protect valuable assets while reducing valuable human resources in this never-ending competition of wits.”