
The IED defense – using improvised cyber-weapons against system intruders

As our networks are attacked, we’ve been told that the only thing we can do is hunker down and endure the blows. It is illegal or against organizational policy to fight back – let the police deal with the prosecution, they say. However, law enforcement effectiveness is marginal and cyber-criminals act with impunity. They have no reason to stop hacking our systems and there is nothing for us to do but try to lock them out. However, there is a way to fight back that does not entail legal risk or civil liability. As military trainers say, if an enemy cannot be destroyed, he must be blinded; if he cannot be blinded, he must be deceived. If intruders are breaking into your network it is perfectly acceptable to distract, confuse, and deceive them. This is the arena of unconventional warfare – to make use of booby traps, decoys, hooks, lures, and humiliating practical jokes to demoralize them. In this talk, I’ll be sharing a variety of examples and cases of DIY techniques that have successfully distracted, delayed, stymied and even captured system intruders. Surprisingly, many sysadmins have already been using dirty tricks to protect their networks. These tricks go beyond conventional honey pots and include things like leaving a weakly encrypted file of social security numbers of deceased persons lying around. Here is our chance to talk about these techniques in the open and share ideas. I’ve been collecting and testing dirty tricks for years now, so I welcome the opportunity to get them into more popular usage. The more costly we make it for the intruders, the more we can create a true system of deterrents and break the economic cycle of easy gain with no retaliation.

Raymond Pompon, CISSP
Ray Pompon is the senior security officer at HCL Capital Stream, an application service provider for financial institutions. With nearly 20 years of experience in network security, he has been involved in several major intrusion cases. In 2000, Ray worked as an undercover operative in the FBI’s Operation Flyhook, which ended with the apprehension and conviction of two Russian hackers. For six years, Ray was president of Seattle InfraGard, representing the state in a variety of cyber-security events and exercises with the FBI, DHS, and the US Secret Service. Ray has written many articles and white papers on advanced technology topics and is frequently asked to speak as a subject matter expert on Internet security issues. National journalists have solicited and quoted his thoughts and perspective on the topic of computer security numerous times. Ray also maintains a security blog at http://assumebreach.blogspot.com. For the past four years, Ray has produced the “Heidi, Geek Girl Detective” (http://planetheidi.com) web-comic. He has also been a major collaborator in three Seattle arts festivals involving technology, literature, and the vicious ridicule of governmental institutions. Ray holds a Bachelor of Arts Degree in Information Technology from the University of Hawaii as well as a Certificate in Data Communication from the University of Washington. He has also earned industry certifications in Security, Auditing, Systems Management and Internet Security plus many vendor certifications.