To thwart hackers, firms salting their servers with fake data
The Waseca, Minn., company began planting fake data in Web servers to lure hackers into “rabbit holes” in the hopes of frustrating them into giving up. The bait was varied — including bogus user log-ins and passwords and phony system configuration files. Anyone who took it was being watched by Brown, their computer locations tagged and their tactics recorded.
“We’re taking the hackers’ strengths and we’re making it their weaknesses,” said Nathan Hosper, a senior information technology officer at Brown. “They get caught up in this cycle of fake information.”…
In the parlance of network security, digital deception is known as a type of “active defense,” a controversial and sometimes ill-defined approach that could include techniques as aggressive as knocking a server offline. U.S. officials and many security experts caution companies against taking certain steps, such as reaching into a person’s computer to delete stolen data or shutting down third-party servers.
Those actions probably would violate federal law, FBI officials said. The bureau also warns that the use of deceptive tactics could backfire — hackers who identify data as bogus may be all the more determined to target the company trying to con them.









Comments
Somehow I think if the companies in the article were so smart, they wouldn’t be in the article. There are all sorts of threats I protect myself against in real life. Part of protecting myself against them is not feeling the need to go bragging about how I’m thwarting those threats. Reminds me of the guys who taunted Michael Phelps in the ’08 games. How are those Silver medals working out for you, fellas?
http://bleacherreport.com/articles/48006-taunt-at-your-own-risk
SoRight on January 3, 2013 at 4:40 PM
It’s called a “honeypot” and it’s been going on for a long time. And, of course it could backfire – just like testifying against the mob could backfire. Some of these hackers are vandals, some are looking for some profit, and some just want to crash whatever they can get their hands on. The vandals get thumped and the profiteers find a less problematic mark. It’s that third group you have to watch out for.
GWB on January 3, 2013 at 4:41 PM
Oh please tell me they put records for “Mike Rotch” and “Harry Box, OBGYN.” That would be awesome.
“Man, Emmerson Bigguns has a great credit score. Let’s use this guy.”
Meric1837 on January 3, 2013 at 5:09 PM
Old news.
KS Rex on January 3, 2013 at 5:22 PM