The U.S. Federal Law enforcement agency – FBI has quite literally decided to hang the carrot (read fake data) as bait for cyber criminals. The FBI’s exclusive Illicit Data Loss Exploitation (IDLE) program, lures hackers to attack a network in order to trace their identity.
Trusted sources from the FBI say that the agency started the IDLE program with a view of providing security to top companies’ data and network needs. Not much of official information is available on the IDLE program but experts say that the program is designed to place honeypots in servers. Companies will store irrelevant data as a decoy in their servers and use this data as honeypots to lure and trap hackers who try to steal valuable or critical information. The primary motive of the program is to keep track of insider as well as external threat actors.
This is one of the many initiatives of the FBI that is directed toward prevention of cyber and corporate espionage. The FBI also offers training for Chief Information Security Officers (CISOs) of corporate companies called “CISO Academy”.
Long T. Chu, acting assistant section chief for the FBI’s Cyber Engagement and Intelligence Section, told Ars. Technica that the FBI is “taking more of a holistic approach these days. Instead of reacting to specific events or criminal actors,” he said, “we’re looking at cybercrime from a key services aspect — aka, what are the things that cybercriminals target? and how that affects the entire cybercriminal ecosystem. What are the centers of gravity, what are the key services that play into that?” That’s precisely where IDLE program comes in.
Earlier in the year, the FBI came up with a new surveillance proposal to monitor social media platforms for potential threats. As per the proposal, the FBI was asking third-party vendors to provide monitoring services, which might bring up possible conflicts with Facebook and other social media companies over privacy policies. Security experts had opined that the FBI’s proposal would violate the companies’ ban against using their data for monitoring purposes.