You don’t have to be Winnie The Pooh to find a honeypot irresistible – hackers are also liable to get their heads stuck.
Security advisers are exploiting cyber criminals’ liking for a soft target by setting up deliberate deception scenarios – for instance by using a defunct server on a company’s corporate network. While the ‘honeypot’ is principally designed to test an organisation’s vulnerabilities, they also to lure in attackers with a view to capturing their modus operandi – as well as wasting their time, plus maybe some of their custom malware.
Once the attractive-looking fake target is set up, the security team can then watch the unsuspecting hacker at work – allowing them to reinforce their systems by learning from his or her tactics, techniques and procedures. The driver behind this increasingly popular initiative is the not-for-profit Honeynet Project. Sweet!