Russian Hackers Lured With Honeypots

The NATO Cyber Coalition is using deceptive cyber security methods, called honeypots, to entice and engage potential Russian and other foreign hackers, so that NATO might gain some control of the hackers' data and subsequently monitor their hacking methods.

The aim of the plan is to encourage a foreign (most likely Russian) hacker to start an attack on the NATO network and engage with a government worker, probably through a phishing email, in order to gain network access.

What the hacker does not realise is that they are now being monitored. NATO is using these honeypot techniques in a training activity with Estonia’s NATO Cyber Security Training Center, and the trial has involved over 1,000 participants.

Previous exercises were designed to mimic real-world challenges and included Russian hybrid warfare techniques. Alberto Domingo, Technical Director of NATO's ACT Cyberspace Command, said that the honeypots are 'sacrificial machines' whose purpose is to let hackers breach them easily, so that NATO can then monitor the hackers' techniques and gain detailed information about their operations and procedures.

The objective is to collect intelligence on the adversary without their being aware of it. “It’s answering the questions of who is the adversary? What type of adversary are we talking about? What do they want and what are they going to do next?” said Domingo. 

Under this plan, the hackers will try to infiltrate NATO’s sensitive data by penetrating a NATO official’s sensitive data, with the aim of gaining access to the whole NATO network. This would potentially allow them to breach the systems and reach the sensitive information they are interested in.

NATO will use the fake engagement methods so that the hackers believe their data hacking was a success. The attackers will probably realise later that the information they hacked is fake, but what they won’t understand is that NATO can now gather the information needed to expose the cyber criminals’ techniques and tools.

By letting this information out into the public domain, NATO probably believes that it will begin to reduce the number of cyber attacks. 

NATO CCDCOE: NATO: Tech Visibility: DefenseOne
