Here at the National Cyber Deception Laboratory, we define Cyber Deception as:
Deliberate measures to induce erroneous sensemaking and subsequent behaviour within a bio-digital target set, to achieve and exploit an advantage.
The core premise of our definition comes from the work of Simon Henderson and it forms the foundation of the Artifice System for Deception and Influence that he went on to develop. This definition situates deception within the mind of the targets we are seeking to defeat. We argue that no approach to Cyber Deception is effective if it is just focused on honeypots and other synthetic network assets. Cyber Deception is about creating errors in the sensemaking of our adversaries, where sensemaking is the executive processing of information to generate action. Simply stated, it means: “What’s going on, what does this mean, and what should I do about it?”
An important element of our definition is that it extends to what we call bio-digital target sets. In the cyber domain, human adversaries engage each other using software proxies such as bots and viruses deployed across the internet.
Both the humans and their digital proxies need to make sense of their respective environments to achieve their goals. Cyber deception can be used to create errors in all aspects of their combined ‘bio-digital’ capability.
The final key point from our definition is that all deployments of Cyber Deception should be planned to get attackers or their software proxies to act in ways that suit our purposes, not theirs. This focus on behaviour is essential because the behavioural goals of a deception campaign will radically affect how that campaign will be designed, deployed, risk-managed and assessed for success.