Operations of every size and in every industry need consistent, reliable threat intelligence. The consequences of a virus attack or data breach are devastating. Some businesses never recover from the damage. Some studies report that as few as 6% of businesses who experience data loss are still in operation two years later.
The best strategy currently out there is to observe would-be attackers via a modern honeypot. That entails setting up decoy web assets and monitoring them for suspicious behavior. Since web traffic leaves distinctive data trails, traffic to your honeypot can be studied for clues about the identity and methods of hackers. A modern honeypot can take many forms such as:
- Email trap
- Decoy database
- Malware-detecting assets
The modern honeypot is characterized as being either low or high-interaction, depending on the complexity. High interaction environments can encourage the hacker to spend a lot of time tooling about inside a phony environment, leaving lots of clues and wasting their time. Low interaction honeypots collect only basic info about invasive behavior but are smaller and use fewer resources.
Anomali understood the need for a comprehensive library of information on hackers and introduced the Modern Honey Network, an open-source honeypot framework. Open source software programs are not only free to download, but their source codes can be custom edited by users. When you host a modern honeypot, you have a lot of options. The low-stake web environments appear as a legit asset to outsiders. It’s best to use a combination of different types of honeypots together.
When you use the MHN, you have the upper hand. All honeypots collect visitor data, but it is comparing that information against years of traffic data collected from networks worldwide that makes it special. When your threat intelligence framework can compare your web traffic logs to an ever-growing log of threats, you have much higher quality intelligence.
Since the introduction of the modern honeypot, cyber criminals have been challenged to further protect their identities. Knowing that they may be tracked, hackers spend more effort concealing themselves and less time invading networks.
It used to be a substantial undertaking to sponsor a modern honeypot system. Source code, web space, and staff to monitor the collected data used to prove too costly for many. Now with open source code, the option of monitoring for attacks before they occur full-scale is now available to small to medium businesses and even private users at home.
People managing a network must protect its assets for the good of the company. It’s also important to protect your computers from being used by an outsider to attack others. Your networks processing capability could be leveraged to hack and spam others without your knowledge. Your enterprise needs to look out for early signs of intrusive behavior especially if you have:
- Employees opening emails from company or private accounts
- Staff discussing policy, plans, or anything from which competitors could benefit
- Any type of personal data such as employee addresses or client/patient records
- Work such as research, innovations, or creative media
Learning of exploratory behavior is your best bet for protecting yourself from cyber-criminals. This advice is not just applicable to large scale financial and healthcare operations. SMB’s with limited personnel and financial resources are more vulnerable than their larger counterparts. Individuals who care about privacy and security can also benefit from a modern honeypot.
Intelligence is becoming the cornerstone for security. Organizations large and small are making threat intelligence a part of their day-to-day security operations, but variations persist, hinting at blind spots that will need to be addressed.
This market guide is the product of surveys and interviews with over 300 IT professionals and provides insight in purchase and use activities for both small and medium sized businesses and large enterprises. See your organization through the lens of this important survey. Download our free market guide today.
Topics:Modern Honey Network