FBI program helps companies fool hackers with ‘decoy data’
The FBI thinks it has a way for companies to limit the damage from data breaches: lure thieves into taking the wrong data. Ars Technica has learned of an FBI program, IDLE (Illicit Data Loss Exploitation), that has companies plant “decoy data” to confuse intruders looking to steal valuable info. Think of it as a honeypot for would-be fraudsters and corporate spies.
Although the FBI isn’t sharing the finer details of how IDLE works, an official told Ars it mixes data within existing data structures to make it appear authentic. A hacker couldn’t just grab data in bulk and expect it all to be useful, and merely downloading the decoys could warn IT staff that something sinister is afoot. The FBI helps create the bogus data using real info, but an official said that the bureau doesn’t retain info and obtains it solely through consent.
There’s no guarantee this will be effective. A smart intruder might parse the data, and it’s only as effective as the company’s underlying security system. If it has sub-par defenses, bait data won’t help much. For the FBI, though, this isn’t as much about providing airtight protection as it is about taking a proactive approach that helps companies “prepare their defenses” instead of merely reacting to breaches when they occur. In that regard, it may be a helpful piece of a larger security puzzle.