It is no secret that cybercrime is growing at times and its attacks are increasingly sophisticated and harmful for organizations. No one is safe from being the victim of an attack, being attacked is only a matter of time. Against this panorama of constant rise of increasingly innovative cyber-attacks CounterCraft was born, a cybersecurity startup that has developed a pioneering technology based on counterintelligence. Allowing attackers to access data, which they believe to be real, allows CounterCraft to understand their minds, their modus operandi and know their intentions and their behaviour.

Anticipating danger through a different and innovative technology is revolutionizing the world of cybersecurity. This pioneering solution uses deception and counterintelligence techniques in order to detect, discover and interact with adversaries, even managing to manipulate them.

CounterCraft, Security you don’t expect

Creating an innovative and distinct solution that would protect organizations against sophisticated security incidents has always been the company’s goal. Nowadays, its technology protects important companies in the financial, trade and government sectors, and law enforcement agencies.

The company’s goal, in the short and medium run, is the international growth in Europe and the Middle East, and to continue with the expansion of its professional team, that already reaches 20 employees. CounterCraft is backed by acknowledged investment funds and operates worldwide in a bunch of Fortune500 Index companies.

Cybersecurity has been based so far on implementing security defence measures, while what CounterCraft proposes is to allow attacks in controlled environments, in order to have the decision-making capability to eliminate them, study their goals and know who is behind.

CounterCraft Cyber Deception Platform

The Cyber Deception Platform is a scalable distributed Deception Platform that protects large companies by letting attackers access fictitious data and applications created specifically as a hook and bait for them. CounterCraft identifies targeted attacks in real time and actively responds to them; this way attacks occur in a controlled environment enabling the product to know goals, tools, and techniques used. CounterCraft offers a new type of detection with trustworthy alerts and real-time active response.

The profile of adversaries who perform attacks is very varied: cybercriminals, lone hackers, former employees, governments, etc. This technology, which manipulates the attacker by resorting to counterintelligence, makes him believe that he is stealing valuable information, and at the same time allows us to study him and better understand his techniques, his goals, and his intentions. This valuable information will then be used by companies so that they can take action against the attacker, or strengthen weaknesses in their security system.

David Barroso, the company’s founder and CEO, and one of the world’s most renowned experts in the field of cybersecurity, explains: “attackers deceive, manipulate and exploit vulnerabilities in governments and companies; we combat them with their own weapons. We create credible environments where we provide information and accesses that they believe are real”.

It is the first product that automates the design, deployment, monitoring and maintenance of counterintelligence campaigns, in all of the company’s digital assets such as servers, mobile phones, web applications, mobile applications, WIFI access points etc. This automation of a complex suite of capabilities brings a 95% savings in cyber counterintelligence costs compared to manual techniques used when running classical honeypots.

Radically CounterCraft focuses on Deception as Cyber Counterintelligence, and not just Deception as Network Protection. This is a fundamental new component in the Enterprise Security Architecture and is being driven by the need for defenders to use new approaches in line with Active Cyber Defence for 21st century risk management.

CounterCraft is able to detect attackers, regardless of the complexity of the attack and the newest techniques used by them. The market for cybersecurity deception platforms is emerging with a huge potential, in which CounterCraft is the only player in Europe. According to Gartner consultants, the market for this technology is expected to exceed 3,000 million by 2020.

Use cases

Intellectual property theft: In the case of a new airplane design, for example, incorrect measurements can be provided in a document uploaded to an internal server accessible from the Internet. In this way, the attacker who obtains the information is deceived, once he falls on this server, CounterCraft obtains information about his modus operandi, his identity, if it is a government, an organized gang, competition.

Confidential information theft: If someone is interested in the strategic plans of a company, we can give visibility to a document that contains a false strategic plan. In this way, the attacker is deceived into believing that the company is going to perform certain actions that are not real. Also, we can leave WIFI access points that seem easily accessible or files that send us a warning when they are opened by external people and allow us to obtain valuable information about that person. It’s about tricking the attacker and getting information about him.

Online Fraud Detection through the deployment of baits or protection of profiles of managers or VIP personalities are some examples of use cases.

If you want to know more about CounterCraft and how using deception technology can help fight against false flag operations, we invite you to contact us for a demo.