Go To Home

Doing Our Bit to Defend Essential Services

by Amir Moin


TL;DR – We’ve partnered with Amazon Web Services to give a three-month license of our perimeter deception solution to essential services organisations for free.

It’s been heartening to see businesses come forward to help others. We took some time to study how Smokescreen could have the most positive impact. We analysed 500,000+ decoy interactions in our deception platform to see where businesses face the greatest threats.

Here’s what we found:

  • Perimeter-facing attacks have increased by 25% – Over 4 weeks, attackers ramped up attacks on the external perimeter as companies support remote users.
  • 50% of attacks target VPN and webmail systems – The most attacked honeypots are VPNs (34.3%) and webmail (17.5%). Citrix and Pulse Secure Connect are on the radar.
  • 62% of attacks originated from cloud providers – The use of cloud resources to stage attacks make it difficult for organisations to filter by source or region.
  • Only 50% of attacks are from known-bad sources – Traditional threat intel feeds aren’t seeing the whole picture as attackers repurpose infrastructure less and less.

You can read the white paper here.

With a massive increase in Internet-exposed assets and employees working from home, security teams are dealing with a new set of threats. VPN portals, Citrix servers, and other Internet-facing infrastructure are under siege, and COVID themed phishing campaigns are more effective than they’ve ever been.

You’re overworked and need a simple solution to a complex problem that is useful right NOW! We believe perimeter deception can help. You can deploy Internet-facing decoys in under an hour and they will immediately start detecting a variety of Internet-facing threats including:

  • Attacks on remote access services
  • Credential theft and credential stuffing attacks
  • Attacker groups specifically targeting your organisation

Deception alerts are low false positive so your security team doesn’t have to deal with another dashboard. And since these are high-confidence detections, you can orchestrate responses to automatically contain the threats.

We urge you to set up these decoys because of how low touch and effective they are (our team will do the heavy lifting).

We will openly share the IOCs (indicators of compromise) from this initiative with the broader security community for the greater good.

Write to covid19@smokescreen.io requesting access or fill up this form and my team will set you up asap.

List of qualified industries

  • Hospitals and healthcare
  • Pharmaceutical companies
  • Manufacturing companies
  • Banking & financial services
  • Grocery / Food delivery services
  • E-commerce companies
  • Energy and utilities

Continue Reading

Have you tried out IllusionBLACK yet?
  • Detect zero-days, APTs, and insider threats
  • 10x the detection capabilities with 1/2 the team
  • Get started in minutes, fully functional in hours
Schedule a demo
Go to home

Simple solutions for detecting and containing threats. Working with us does not break the bank or your spirit. We’re the company of choice for offensive security teams with a Net Promoter Score of 70+.

© 2015-2021 Smokescreen. All rights reserved.

Solutions For
Web Application AttacksLateral MovementRansomware AttacksTargeted ThreatsSocial EngineeringMalware-less Attacks