|
|
|
|
|
|
by oskarth
4331 days ago
|
|
|
“We have a very large honeypot, where we have, at any given time, over 5m emulations towards the Internet,” states Stiansen. “Meaning we emulate over 5m users, severs, infrastructures on the Internet. We mimic a bank. We put in place honeypots to mimic Microsoft Exchange servers, Linux systems, ATMs. We try to mimic as much as we can of the infrastructure online to make it look attractive to be attacked.” From an interview with the CTO at Norse http://realbusiness.co.uk/article/27070-ipviking-map-cybercr... |
|
|
If it's effective to tie up sufficient resources (similar times as hacking into what the honeypots are actually mimicing) then this could be deployed as an actual form of ECM against malicious attacks.
The main issue would be you're either protecting no one or everyone. So you either need to get governments behind you, or you need to get ISPs behind you.
If an organization could get an ISP to let them use their unused IP's in their honeypots and sufficiently reduced DDOS against their paying business customers, it would be very lucrative.
With the amount of business I've heard getting hit by ransomware, and hit by DDOS's for ransom. I'm sure a lot would willingly opt for a 10% increase in their internet costs to reduce the amount of attacks.
It wouldn't take long for word to get out that a certain ISP's IP block is full of honey pots and thus less profitable to hit and it would be more effective as a deterrent than as an actual tool - it's like having an alarm company sticker on your house window, you're automatically out of the biggest break in category of the opportunistic thief. Doesn't even matter if you've got an alarm system or not.