Cyber Security: The Honeypot
Whenever you hear about the term web security or anything pertaining to it, you typically perceive the faults in security over the advances. For example, you might conjure thoughts of spam emails, pop-ups, trojan horses, etc. when asked about the topic of web security. That being said, there are several tools or technological advances on the web that help us combat these malicious encounters. A common advancement many people are aware of whether or not they are working in the computer field is virus protection software. However, there are several other advancements committed developers have implemented in the field of cyber security including the concept of the Honeypot.
A honeypot is a cyber security mechanism that mimics an actual computer system giving a hacker or someone maliciously accessing the system a false sense of privacy to do as they please. The reality is the hackers are the one’s being monitored by the honeypot as well as the developers who set it up on that particular network. Most times a honeypot will contain false data in order to lure potential hackers acting as a proactive security measure for companies. This proactivity would allow you to stop a cyber security problem before it was even able to present itself. It would also ironically allow you to collect information on the person who was attempting to collect information on you. There are a couple types of honeypots varying in complexity and use cases.
The types of honeypots available at one’s disposal are production honeypots and research honeypots, and they differentiate based on complexity and what environment they plan to be employed in. Less complex honeypots or production honeypots are considered to be “low-interaction” based on the fact that what the honeypot is designed to mimic is not that intricate. These are useful for scenarios when we have an idea of what a malicious user may do, and therefore set up an environment with those specific attributes. Furthermore, production honeypots are far less expensive to maintain but also provide less info on malicious users and their activity. More complex honeypots or research honeypots are considered to be “high-interaction” due to the complexity of the system designed by the honeypot. These honeypots are far more expensive but provide more sophistication. For example, these honeypots are typically better at disguising themselves from hackers.
Honeypots are very helpful for companies who wish to expand their cyber security endeavors. That being said honeypots are not a perfect fix to all your problems. In fact, honeypots tend to have some distinctive shortcomings in terms of securing your network. One shortcoming may involve a user error in their implementation of the honeypot. Hackers are typically keen on security measures, therefore, if the honeypot is distinctive from the actual environment it is supposed to mimic, this would throw up a red flag to the hacker. This red flag identification by the hacker is typically referred to as fingerprinting in cybersecurity wherein the hacker has been able to recognize the honeypot. This is clearly an issue since I stated earlier the whole advantage of a honeypot is to give a false sense of security to the hacker.
All in all, the field of cyber security is vast with technological advancements that are used daily to thwart bad actors–the honeypot is just one of many examples. The concept of a honeypot is essentially being one step ahead of the hacker and remains a useful security measure. That being said, it should not be the only security measure developers consider implementing into their environments.
Works Cited:
https://en.wikipedia.org/wiki/Honeypot_(computing)
https://usa.kaspersky.com/resource-center/threats/what-is-a-honeypot
https://www.informit.com/articles/article.aspx?p=30489&seqNum=2
