Russian Hackers Lured With Honeypots
The NATO Cyber Coalition is using deceptive cyber security methods, called Honeypots, to entice and engage potential Russian and foreign hackers, so that NATO might potentially have some control of the hacker’s data and subsequently monitor the attacker’s hacking methods.
The object of the plan is to encourage a foreign (most likely Russian) hacker to start an attack into the NATO network and engage with a government worker, probably using a phishing email, to get the hacker network access.
What the hacker does not realise is that they are now being monitored. NATO is using these honeypots techniques in a training activity with Estonia’s NATO Cyber Security Training Center, and the trial has involved over 1,000 participants.
Previous exercises were done to mimic real-world challenges and included Russian hybrid warfare techniques. Alberto Domingo,Technical Director of NATO's ACT Cyberspace Command, said that the honeypots are 'sacrificial machines' and their use is to allow hackers to breach the honeypots easily, so that NATO can subsequently monitor the hacker’s techniques, giving NATO detailed information about their operations and procedures.
The objective is to collect intelligence on the adversary without their being aware of it. “It’s answering the questions of who is the adversary? What type of adversary are we talking about? What do they want and what are they going to do next?” said Domingo.
With this plan the hackers will try to infiltrate NATO’s sensitive data by penetrating a NATO officials’ sensitive data with the aim to gain access to the whole NATO network. This would potentially allow them to breach the systems and the sensitive information they are interested in.
NATO will use the fake engage methods so that hackers believes their data hacking was a success. But, the attackers will probably later realise that the information they hacked is fake, yet what they won’t understand is that NATO can now gather the information to expose the cyber criminals’ techniques or tools.
By letting this information out into the public domain, NATO probably believes that it will begin to reduce the number of cyber attacks.
NATO ccdcoe: NATO: Tech Visibilty: DefenseOne:
You Might Also Read:
Estonia’s Crucial Role In Tackling Growing Cyber Threats: