Moving Target Defense: applying kinetic warfare techniques to today’s cyber adversaries

By Ronald Nixon

Data breaches in the United States cost an average of $8.19 million across all industries, sectors and environments. This figure includes loss of business revenue and customers; loss of productivity from system disruption and downtime; regulatory costs and fines; stolen digital assets, intellectual property and customer data; post-breach response costs; and reputational damage.

The cybersecurity problem is not people, expertise, diligence or lax company processes. It is mathematics: today an attacker only has to find a single vulnerability to exploit all vulnerable systems, while defenders have to prevent the exploitation of all vulnerabilities. This asymmetry exists because every operating system and application is distributed from a single master code base that is compiled and distributed at a defined point in time. All the instances are identical; they are clones of each other. Any bug inserted or discovered applies to all instances of a particular operating system or application version distributed at that moment. The attacker relies on that known weakness to launch the attack.

What is Moving Target Defense (MTD)?

MTD is a centuries-old kinetic warfare technique that was created as the basis for defense against a stronger adversary. The basic premise is that the target is never where the attacker expects it to be, because the target has moved, been hidden or been scrambled.

Today’s cyber threats are the stronger adversary that enterprises and government agencies must face every day. To counter this, MTD employs a strategy of constant movement, an approach that can be applied to machines, containers, binary instructions, ports, networks, keys, passwords, and so on. By implementing Moving Target Defense, organizations can protect themselves from ever-changing and advancing threats.

Even though MTD strategies have been around for many years, they were not readily utilized by the majority of cybersecurity vendors and technologists. We realized the problem with MTD techniques was not in constructing them; it resided in the distribution and scalability of the software that incorporated such defenses. MTD approaches have historically added considerable complexity and cost to the deployment and maintenance cycle of both new and preexisting software systems. On top of that, previous MTD techniques did not harness existing DevSecOps infrastructure.

How Polyverse can help

We believe that MTD is the only way forward for the cybersecurity industry. Our goal in developing our technologies was to maintain compatibility with existing software systems and address the hurdles experienced by enterprises attempting large-scale adoption of moving target defense. By adopting Polyverse’s MTD-based, compiler-generated software diversity, you can fundamentally change many of the assumptions and models underlying current threats to your deployed software. Through the adoption of Polyverse’s techniques, it becomes much less likely that a single attack will affect large numbers of your software systems simultaneously.

To learn more about our Moving Target Defense strategies, read our latest whitepaper, Moving Target Defense: A Polyverse Perspective.
