What is a honeypot?

We’re answering your security question, “What is a honeypot?”

It sounds sweet, but it’s actually a trap.

Here’s how it works.

Watch here:

 

 

Tempting Tub

Honeypots earned notoriety through the famous childhood story character Winnie the Pooh.

Looking for the last lick of honey, he sometimes got his head stuck inside the tempting tub of sweetness.

In the cyber world, honeypots are tempting, too.

You set up a virtual version of something, say, a security camera, then wait to see who tries to attack it and how.

Lightning Speed

Security company NetScout set up smart device honeypots and found it took less than five minutes for attackers to launch their digital assault.

Crooks take over these IoT — or Internet of Things — devices and rope them into their botnet armies, the company said in December.

Another company, Sophos, set up ten honeypot cloud servers across the globe.

Cyber crooks hit the first one in just 52 seconds, then pounded them with more than five million “relentless and continuous” attacks for the 30 days they were live, Sophos reported in April.

 

Honeypot research shows which passwords attackers use to hack your devices & systems.
Honeypot research shows that attackers check for these passwords on connected devices & systems. Image: Sophos

Serious Damage

Industrial cybersecurity researchers use honeypots, too, to find out more about the people trying to take over or destroy critical infrastructure.

MalCrawler set up honeypot power plants and substations, presenting its findings in 2015.

Researchers found that some hackers just wanted to steal info, while others wanted to cause a major outage — and even tripped the switches that would black out parts of cities had they been real.

Crime Online

Police use honeypots to go undercover online, taking over dark web sites and pretending to be drug dealers.

Dutch police secretly ran the criminal site Hansa and collected info on illegal activity until they shut it down and went after the perps in 2017.

Bad guys can use honeypots, too, making sites that look real, but steal your info, like your credit card number.

 

Police used the Hansa site as a honeypot in 2017
Police secretly ran the Hansa dark web site in 2017, using it as a honeypot to catch criminals. Image: Europol

How to Protect Yourself

In many cases, the honeypots show that cyber crooks use bots or automated attacks,

checking every device to see if you changed the username and password or just left the easy-to-hack default ones on there.

If it’s the default credentials, the crooks get in, take over your device and use you to make money or assault even more people.

They can enslave your machine and use it to do DDoS, or distributed denial of service, attacks, like the one that took down Twitter, Amazon and Netflix in October, 2016.

Learn from the honeypots — and Winnie the Pooh — change the default password that comes on your devices, so you don’t get stuck.

Use a password manager to help you keep track of all the long and complex passwords you create for yourself, so you don’t reuse passwords or create simple ones that are easy to guess.

Take it Further

Some people think of their IoT devices, like their IP cameras and cable modems, and “set and forget” devices, according to NetScout.

But they can have security vulnerabilities, and unless you update them, you can also be vulnerable to attacks, honeypot research shows.

Also, some devices sit on store or warehouse shelves for a while.

That gives researcher and attackers time to find security holes.

So, your device may be insecure — and need updates — as soon as you open the box.

Also, turn off Universal Plug and Play (UPnP) on your home router, Sophos advises, as it has a security issue that can put you at risk.

 

 

Main image: Teddy bear staring at honey on a computer screen. Image: David Bicker



Leave a Reply