Firms turn to cloak-and-dagger tactics to infiltrate hacker groups and pre-empt attacks.
Their job: Befriend hackers to find out about attacks before they even happen.
Last year, Black Cube, an Israel-based firm that specializes in gathering intelligence online, asked one of its bank clients for access to some of its internal HR and payroll data—sensitive enough to look like the spoils of a real cyber theft, but not enough to affect operations.
When Black Cube accessed the information, it left a digital trail that made it look like it had broken into the bank’s networks and stolen the data. By dangling this bait, Black Cube operatives posing as hackers infiltrated a group of cyber thieves that had been circling the bank, according to a person familiar with the sting, helping thwart an attack.
With the pace and severity of corporate cyberattacks increasing, a growing number of small cybersecurity and business intelligence firms like Black Cube are deploying the same sort of cloak-and-dagger moves that governments and police have long used to penetrate spy rings or break up terrorist cells. more