Go To Home
Schedule a 1:1 Demo

Doing Our Bit to Defend Essential Services

by Amir Moin

TL;DR – We’ve partnered with Amazon Web Services to give a three-month license of our perimeter deception solution to essential services organisations for free.

It’s been heartening to see businesses come forward to help others. We took some time to study how Smokescreen could have the most positive impact. We analysed 500,000+ decoy interactions in our deception platform to see where businesses face the greatest threats.

Here’s what we found:

  • Perimeter-facing attacks have increased by 25% – Over 4 weeks, attackers ramped up attacks on the external perimeter as companies support remote users.
  • 50% of attacks target VPN and webmail systems – The most attacked honeypots are VPNs (34.3%) and webmail (17.5%). Citrix and Pulse Secure Connect are on the radar.
  • 62% of attacks originated from cloud providers – The use of cloud resources to stage attacks make it difficult for organisations to filter by source or region.
  • Only 50% of attacks are from known-bad sources – Traditional threat intel feeds aren’t seeing the whole picture as attackers repurpose infrastructure less and less.

You can read the white paper here.

With a massive increase in Internet-exposed assets and employees working from home, security teams are dealing with a new set of threats. VPN portals, Citrix servers, and other Internet-facing infrastructure are under siege, and COVID themed phishing campaigns are more effective than they’ve ever been.

You’re overworked and need a simple solution to a complex problem that is useful right NOW! We believe perimeter deception can help. You can deploy Internet-facing decoys in under an hour and they will immediately start detecting a variety of Internet-facing threats including:

  • Attacks on remote access services
  • Credential theft and credential stuffing attacks
  • Attacker groups specifically targeting your organisation

Deception alerts are low false positive so your security team doesn’t have to deal with another dashboard. And since these are high-confidence detections, you can orchestrate responses to automatically contain the threats.

We urge you to set up these decoys because of how low touch and effective they are (our team will do the heavy lifting).

We will openly share the IOCs (indicators of compromise) from this initiative with the broader security community for the greater good.

Write to covid19@smokescreen.io requesting access or fill up this form and my team will set you up asap.

List of qualified industries

  • Hospitals and healthcare
  • Pharmaceutical companies
  • Manufacturing companies
  • Banking & financial services
  • Grocery / Food delivery services
  • E-commerce companies
  • Energy and utilities
#Uncategorized

Continue Reading

  • The curious case of “How many decoys do I need?”

    Decoys can be deployed everywhere in your network – current-gen deception technology makes that possible. There are however no free lunches and pervasive deception might come with a cost. So the question is, should you?
    By Sudarshan Pisupati
  • 6 Ways Deception Technology Levels Up Your SOC

    Learn how deception technology enables SOCs to move from simple log aggregation and static detection use-cases to a proactive, low false-positive detection model that heavily automates response mechanisms.
    By Amir Moin
  • 7 Ways to Fail At Implementing Deception Technology

    Since there’s precious little information on how security teams can make deception implementations successful (some folks like to keep it a secret), there’s plenty that can go wrong. Here are 7 ways to completely botch your deployment of deception technology.
    By Smokescreen Team
  • Have you tried out IllusionBLACK yet?
    • Detect zero-days, APTs, and insider threats
    • 10x the detection capabilities with 1/2 the team
    • Get started in minutes, fully functional in hours
    Schedule a demo

    Smokescreen builds simple, no-nonsense products that security teams love. We help you predict attacks, detect breaches, and respond in real-time.