Twisted Haystack: Protecting Industrial Systems with Dynamic Deception

Tech 3 (801B) October 3, 2018 1:25 pm - 2:25 pm Feedback     

Bookmark and Share

Lane Thames

Deception techniques for cybersecurity are not new – honeypots have been used for many years. However, new types of deception techniques are being developed to supplement the classic honeypot approach. Deception can be used in several ways and for various end results. In this presentation, we will cover two main areas related to deception-based cybersecurity. Attendees will learn about the early types of deception technology along with recent advancements in the field. We’ll dive deep into deception technologies that are beneficial to industrial systems and introduce an open-source deception tool called Twisted Haystack that can be used for protecting these systems. Nowadays, industrial systems are becoming highly interconnected to information technology systems. For example, advanced manufacturing environments, healthcare environments, power grids, and many other critical infrastructure environments are now integrating Information Technology (IT) and Operations Technology (OT). An interesting benefit of the tool being discussed and released for this presentation is its extensibility in providing deception techniques for converged IT and OT environments. Lastly, the presentation will provide an overview of the open-source Twisted Haystack tool chain and how it can be deployed for protection services, as well as how it can be extended for environment-specific protections.