Not so IDLE hands: FBI program offers companies data protection via deception

The FBI's IDLE program uses "obfuscated" data to hide real data from hackers and insider threats, making data theft harder and giving security teams a tool to spot illicit access. (credit: Getty Images)

The Federal Bureau of Investigation is in many ways on the front lines of the fight against both cybercrime and cyber-espionage in the US. These days, the organization responds to everything from ransomware attacks to data thefts by foreign government-sponsored hackers. But the FBI has begun to play a role in the defense of networks before attacks have been carried out as well, forming partnerships with some companies to help prevent the loss of critical data.

Sometimes, that involves field agents proactively contacting companies when they have information of a threat—as two FBI agents did when they caught wind of researchers trying to alert casinos of vulnerabilities they said they had found in casino kiosk systems. "We have agents in every field office spending a large amount of time going out to companies in their area of responsibility establishing relationships," Long T. Chu, acting assistant section chief for the FBI's Cyber Engagement and Intelligence Section, told Ars. "And this is really key right now—before there's a problem, providing information to help these companies prepare their defenses. And we try to provide as specific information as we can."

But the FBI is not stopping its consultative role at simply alerting companies to threats. An FBI flyer shown to Ars by a source broadly outlined a new program aimed at helping companies fight data theft "caused by an insider with illicit access (or systems administrator), or by a remote cyber actor." The program, called IDLE (Illicit Data Loss Exploitation), does this by creating "decoy data that is used to confuse illicit… collection and end use of stolen data." It's a form of defensive deception—or as officials would prefer to refer to it, obfuscation—that the FBI hopes will derail all types of attackers, particularly advanced threats from outside and inside the network.

https://arstechnica.com/?p=1632381

Source: Ars Technica
