Gartner Blog Network


“Now you don’t” –deception in the hacktivists’ arsenal

by Joerg Fritsch  |  January 18, 2014  |  Comments Off on “Now you don’t” –deception in the hacktivists’ arsenal

Recently I watched the movie “Now You See Me”. — For the ones that don’t know this movie, it is about four stage illusionists who pull off tricks at an unprecedented scale and as a thoroughly planned side effect do some wiztiism or wizzavism so to speak. An elaborated sort of revenge that brings justice at last. No wonder that the four wizards call themselves “the four horsemen”. Magic illusions are a very old business that has only changed little over the centuries. Two of the key elements are deception and mirrors. Even in 2014 people fall for mirrors in stage props. We seem to be tuned to be somewhat agreeable to reality distortions.

Now, here is the rising action: Hacktivists frequently do the same. They are credit hogs. They make a big claim, present us some chunk of data that is allegedly from our servers and tell us that we have been hacked, or, that tomorrow by noon our systems will go down unless we liberate the Aliens in Area 51. We have marvelous defenses in place, intrusion protection, advanced persistent threats, — you name it. Against deception most of us have nothing in place leaving us in a position where we only can resort to zeal without knowledge.

Deception works because we do not know what we have. We do not know our own (web) servers, the exact data or the configuration files on them and also not what permissions these files have had yesterday. It is because for a long time periodic File Integrity Monitoring had taken a path where it only seemed useful  to understand the minds of the auditor and not the hacker. After software updates or configuration changes you were confronted with “Big data” and no help to make sense of it. This has changed. Some vendors have products on the market that come in quite handy and seem to be geared to understand the hackers again. you can easily see what you have and don’t need to fall for deception and credit hogs.

Category: server-security  

Tags: deception  file-integrity-monitoring  hacktivism  server-security  

Joerg Fritsch
Research Director
1 year at Gartner
15 years IT Industry

Joerg Fritsch is a Research Director in the Gartner for Technical Professionals Security and Risk Management Strategies team. His specialties include information security, data center and cloud security, big data (analytics), cloud computing, PaaS, distributed systems, messaging and event-driven systems, and very fast networks and servers. Read Full Bio




Comments are closed

Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes, with attribution to Gartner. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.