Risky Business: Using Honeypots to Lure Hackers

Honeypots come with a sting. The electronic traps offer data that appears to be legitimate but actually allow computers to block or analyze hackers. 

Proceed with caution, however. Honeypots can be a dangerous game.

SPYSCAPE offers seven fast facts to bring you up to speed:


hacker


What are honeypots?

A honeypot is a deliberately vulnerable computer system used to trap or monitor hackers. It may resemble a website, hosted server or an email address used to collect spam or malware. Even a WiFi hotspot can be transformed into a honeypot. It is an effective way to learn how hackers think and operate. 


cybersecurity


How are honeypots set up?

Usually honeypots resemble common configurations online such as out-of-date Windows servers. They’re left open to entice hackers and monitor their activities. Once a hacker falls into the trap, an IT administrator can watch their steps, see how data is being breached and report the break-in to legal authorities.


hacker


What kind of dirty work can be watched?

Hackers may try various ways to gain access to the honeypot which, when analyzed, can prove useful in stopping future hacks on genuine systems. For example, a hacker may target a company’s billing data to steal customer credit card numbers. With a honeypot in place, the company can track the hacker and assess the snoop’s behavior to make the billing system more robust.


hacker


Who uses honeypots?

Anyone from individuals to companies like NorseCorp use honeypots to track real-time hacking attempts. Hackers also use honeypots on other hackers, hoping adversaries will accidentally leak data that identifies them. Law enforcement use honeypots to catch criminals. Government agencies and defense networks like NATO also use honeypots, creating a trap for hostile hackers and seducing them into revealing their tools, techniques - even their command structure.


hacker


How hard is it to make a honeypot?

It is helpful to have experience in configuring servers and monitoring networks to get started but tools like WiFi Pineapple can create a hotspot honeypot. Be careful, however, because hackers can turn the tables and access information from vulnerable systems.


honey pot


Are honeypots ethical?

It’s complicated. Some experts believe honeypots are unethical because they lure people into stealing information. Many in the security world consider honeypots to be ethical and acceptable, however. It’s an ongoing debate.


cyber security


What are the risks?

If a honeypot is configured incorrectly, the creator may unknowingly grant hackers access to sensitive data. A clever attacker will hunt for poorly-made honeypots and breach the systems connected to it. In general, the simpler the honeypot, the lower the risk. More complex honeypots create a ‘jail’ allowing a hacker to interact with an actual operating system. A hacker may find a way to break out of the cage, however, and use the honeypot to attack other systems or organizations.

Risky Business: Using Honeypots to Lure Hackers

BY
SPYSCAPE
1
MINUTE READ
Twitter
@SPYSCAPE
Share
Facebook
Twitter

Honeypots come with a sting. The electronic traps offer data that appears to be legitimate but actually allow computers to block or analyze hackers. 

Proceed with caution, however. Honeypots can be a dangerous game.

SPYSCAPE offers seven fast facts to bring you up to speed:


hacker


What are honeypots?

A honeypot is a deliberately vulnerable computer system used to trap or monitor hackers. It may resemble a website, hosted server or an email address used to collect spam or malware. Even a WiFi hotspot can be transformed into a honeypot. It is an effective way to learn how hackers think and operate. 


cybersecurity


How are honeypots set up?

Usually honeypots resemble common configurations online such as out-of-date Windows servers. They’re left open to entice hackers and monitor their activities. Once a hacker falls into the trap, an IT administrator can watch their steps, see how data is being breached and report the break-in to legal authorities.


hacker


What kind of dirty work can be watched?

Hackers may try various ways to gain access to the honeypot which, when analyzed, can prove useful in stopping future hacks on genuine systems. For example, a hacker may target a company’s billing data to steal customer credit card numbers. With a honeypot in place, the company can track the hacker and assess the snoop’s behavior to make the billing system more robust.


hacker


Who uses honeypots?

Anyone from individuals to companies like NorseCorp use honeypots to track real-time hacking attempts. Hackers also use honeypots on other hackers, hoping adversaries will accidentally leak data that identifies them. Law enforcement use honeypots to catch criminals. Government agencies and defense networks like NATO also use honeypots, creating a trap for hostile hackers and seducing them into revealing their tools, techniques - even their command structure.


hacker


How hard is it to make a honeypot?

It is helpful to have experience in configuring servers and monitoring networks to get started but tools like WiFi Pineapple can create a hotspot honeypot. Be careful, however, because hackers can turn the tables and access information from vulnerable systems.


honey pot


Are honeypots ethical?

It’s complicated. Some experts believe honeypots are unethical because they lure people into stealing information. Many in the security world consider honeypots to be ethical and acceptable, however. It’s an ongoing debate.


cyber security


What are the risks?

If a honeypot is configured incorrectly, the creator may unknowingly grant hackers access to sensitive data. A clever attacker will hunt for poorly-made honeypots and breach the systems connected to it. In general, the simpler the honeypot, the lower the risk. More complex honeypots create a ‘jail’ allowing a hacker to interact with an actual operating system. A hacker may find a way to break out of the cage, however, and use the honeypot to attack other systems or organizations.

Read mORE

Gadgets & Gifts

Put your spy skills to work with these fabulous choices from secret notepads & invisible inks to Hacker hoodies & high-tech handbags. We also have an exceptional range of rare spy books, including many signed first editions.

Shop Now

Your Spy SKILLS

We all have valuable spy skills - your mission is to discover yours. See if you have what it takes to be a secret agent, with our authentic spy skills evaluation* developed by a former Head of Training at British Intelligence. It's FREE so share & compare with friends now!

dISCOVER Your Spy SKILLS

* Find more information about the scientific methods behind the evaluation here.