Article

Manoj Rai
Manoj Rai 22 February 2016
Categories Technology

Of Honeypots, Decoys And Red Herrings

A Look At Cyber-Threats The number of apps on your phone is directly proportional to how tech-savvy you can be. Ask any millennial and they will “app” a problem for you. Want to find your lost keys? Want to drink more water? There’s an app for everything and more often than not, they make our life productive. However, every app requires your ID and password. While a lot of them pair it with their social networks and gain access, every app still needs an entry point to access your personal information. If you misplace one password, it has a trickle effect of sorts. Most of your apps can be hacked. The identity theft implications are massive and the extent of accessible personal information could prove disastrous for many. Enterprise security is no different.

Organisations face multiple cyber threats by risking sensitive data to hackers. Many cyber-security threat prediction reports say attacks through employee systems and organisations seem to be one of the potential threats in 2016. High-profile attacks on large organisations in recent times have shown that existing solutions may not be enough to stop malicious hackers and evolving threats. Cyber-security vendors are looking at new-age deception technologies, tools that deceive attackers, enable the identification and capture of malware at point of entry, and allow enterprises to regain control of their defences. These solutions seek to mislead hackers by luring them towards fake data.

Honeypots

Honeypots are a fake system that creates dummy network nodes to attract hackers. Honeypots function like rat traps. They offer something that appears attractive to an attacker. It makes him spend his resources and time on gathering the ‘honey’, while the honeypot does an admirable job of drawing his attention away from the actual data it seeks to protect.

Fight The Good Fight

Organisations are now looking for more active defence strategies that not only entice attackers, but also trap them, confound them and track their activity. One such deception technology offers an emulation engine masquerading as a run-of-the mill operating system. The ‘operating system’ contains ‘sensitive’ data that could be attractive to attackers — data labelled ‘credit card info’, for instance. The platform will lure the attacker in by allowing him to ‘hack’ this fake data, and in turn, start gathering information about his movements and the codes that he seeks to modify. This intelligence can then be shared with other security tools, such as intrusion prevention systems, to defend against the attack.

Many start-ups are designing various kinds of intrusion deception software that insert fake server files and URLs into applications. These traps are visible only to hackers and not ordinary users.

An example of such a snare could be trapping hackers probing for random files by granting them access to bogus files that are a dead-end and keep on leading them in circles towards more fake data. Other technologies set up fake IP addresses on web servers that on multiple attempts to hack them, will always present a deception to that user. Yet others set up virtual systems or computers that actually have no data on them, and are indistinguishable from other machines on the network. Repeated intrusion into these make it easy to identify hackers.

Decoys

Decoys are similar to honeypots. This method is used in corporate and enterprise networks to safeguard data.

Many decoys act together to fill the attacker’s so that it becomes difficult for him to differentiate between real and fake targets. Many firms use this method to prevent hacking of medical information in hospitals.

Please login or register to add a comment.

Contribute Now!

Loving our articles? Do you have an insightful post that you want to shout about? Well, you've come to the right place! We are always looking for fresh Doughnuts to be a part of our community.

Popular Articles

See all
Promote Your Blog On These 30 Places

Promote Your Blog On These 30 Places

Social Media channels are one of the best ways to promote your blog content, but you shouldn’t stop there. Besides Social Media, there are more available places on the web which can be a great marketing tool for your blog promotion. I’m bringing you 30 proven places where you can promote your blog content and get great results.

Aleksej Durdevic
Aleksej Durdevic 7 December 2016
Read more
Top 10 Digital Branding & Marketing Trends for 2017

Top 10 Digital Branding & Marketing Trends for 2017

It’s time to re-evaluate and rebalance the digital approach for your company. Here are the Top Digital Branding & Marketing Trends for 2017 to watch for. The probing minds at the Borenstein Group, a Top Washington DC Digital Marketing and Branding Agency, have done the homework for you. Use it or lose it.

Gal Borenstein
Gal Borenstein 7 December 2016
Read more
4 Important Digital Marketing Channels You Should Know About

4 Important Digital Marketing Channels You Should Know About

It goes without saying that a company can't do without digital marketing in today's world.

Digital Doughnut Contributor
Digital Doughnut Contributor 5 November 2014
Read more
What Mobile App Design Looks like in 2017

What Mobile App Design Looks like in 2017

They say ‘move with the time or the time will leave you behind’. Being a startup it is important for you that you understand the trends, and amalgamate them in your business in order to attain the targets.

Nasrullah Patel
Nasrullah Patel 6 December 2016
Read more
Digital Marketing Vs. Traditional Marketing: Which One Is Better?

Digital Marketing Vs. Traditional Marketing: Which One Is Better?

What's the difference between digital marketing and traditional marketing, and why does it matter? The answers may surprise you.

Julie Cave
Julie Cave 14 July 2016
Read more