Authored by: Carolyn Crandall, Chief Security Advocate & CMO, Attivo Networks
‘Twas the night before Christmas, and all through the network,
Security was strong, leaving nothing to guesswork.
Lures and decoys were spread through the network with care,
So that any attackers would soon be ensnared.
The files and data were all safely secured,
Their protection from attackers was all but assured.
And the security pros who had worked hard all year
Knew the data was safe—there was nothing to fear.
Then out of the system arose an alarm,
And the team leapt to protect the network from harm.
Thanks to their tools they had great visibility,
To see what was disturbing the network’s tranquility.
What they found was their data all safely concealed,
And what triggered the alert was shortly revealed:
When the attackers had queried the Active Directory,
A decoy sent their attack on a brand-new trajectory.
Instead of receiving high-value credentials,
The attackers were isolated from network essentials.
Their celebration, it turns out, had been premature:
All that “valuable data” was merely a lure.
Even cunning attackers’ plans can be foiled,
Their plans for a payday effectively spoiled.
When the defenders returned to their holiday cheer,
They said what attackers all needed to hear:
“Whatever your methods, they’ll soon be subdued,
Credential theft, malware, and ransomware, too!
Deception and concealment are our favorite tools yet,
So, dash away, dash away, dash away threats!”