Luring Cyber Threats: An Insight into Honeypots

Cybercriminals and Honeypots

Cybercriminals are inevitable, and thus security information technology (IT) experts come up with various mechanisms to detect and avoid them. Honeypots can be sub-servers that trick hackers to perceive as if they have penetrated a particular database or network (Deo, 2016). However, the data available in a honeypot is for baiting purposes. Companies using this type of technology have security teams that monitor honeypots regularly to identify hackers trying to access the information and locate their Internet Protocol (IP) address.

Significance of Honeypots

Honeypots are significant in safeguarding an organization’s network. First, they collect data from cyber-attacks or any other unauthorized activities which provides security experts with information to identify and address the system's loopholes (Gupta, 2017). Honeypots are critical in that they only take the data of computers that have accessed a specific server and show how the penetration occurred. Second, they capture all the malicious activities of hackers even if they have encrypted their information. Honeypots record the keystrokes, and hence a firm using them can know the number of people logged in during a particular session (Sokol, Husak, & Liptak, 2015). In most cases whenever a hacker accesses them, the system alerts the IT security team.

Protecting against Internal Attacks

According to the Cyber Security Intelligence Survey of 2016, honeypots are effective in protecting an organization from internal attacks. The International Business Machines Corporation (IBM) found out that about 60% of cyber-attacks that occurred in 2016 were carried out by insiders (Dargin, 2017). As such, the deployment of honeypots can safeguard a network from breaches that come from employees. Moreover, the information collected by a honeypot can be correlated with other logs from firewalls or intrusion detection system (IDS). Consequently, security teams can locate and stop potential hackers.

In Conclusion

In conclusion, honeypots are decoys that detect and deflect cyber attackers. They can be used to safeguard an organization’s network by alerting the IT security team when a hacker has penetrated the system. Most importantly, honeypots record the digital prints of cybercriminals, which can be used to track them.

References

Dargin, M. (2017). Increase your network security: Deploy a honeypot. Network World. Retrieved from https://www.networkworld.com/article/3234692/lan-wan/increase-your-network-security-deploy-a-honeypot.html.

Deo, A. (2016). What are honeypots and how they can secure your network? 24BY7 Security. Retrieved from https://blog.24by7security.com/honeypots-and-how-they-can-secure-your-network.

Gupta, A. (2017). What are honeypots and how can they secure computer systems. The Windows Club. Retrieved from https://www.thewindowsclub.com/what-are-honeypots.

Sokol, P., Husak, M., & Liptak, F. (2015). Deploying honeypots and honeynets: Issue of privacy. 10th International Conference on Availability, Reliability, and Security.