A Sticky Sweet Way to Catch Hackers in the Act
Hackers see your computer the way you do. They know where your most important files and records are stored – your tax records, your passwords, and company files that might be stored on a home PC. Once that data is found it can be exfiltrated and sold to other criminals, used to commit identity theft, and takeover accounts.
But if the target of a hack is an executive, this data can even be used to harm the company. Executives are gatekeepers of some of the most confidential information within a company and offer top-tier access to its IT systems. But they’re not the only lucrative target for today’s hackers. High-profile and high-net individuals are increasingly attracting the focus of bad actors due to their financial or reputational status.
These individuals may have some of the best physical security protections in place, but when it comes to their digital lives, they are highly vulnerable. According to the recent Verizon Data Breach Investigations Report (DBIR), C-suite executives were 12 times more likely to be targeted in cyberattacks and 71% of these cyber-attacks were financially motivated.
Hacking the networks of these individuals is relatively easy – especially when they’re outside the four walls of the secure corporate perimeter. When auditing our clients, we found that:
- 59% of the C-suite does not have anti-virus (even free versions) on their personal devices.
- 75% of computers have improper privacy and security settings or are leaking information.
- 27% have malware on their devices.
- One in five home Wi-Fi networks are not secure.
To thwart hackers, seduce them with a honeypot
These individuals may as well be leaving the front door unlocked and a welcome sign on the kitchen table. Indeed, once a bad actor is over the threshold and gained a foothold on a network, they will scan it for the good stuff – files, records, anything of value. There’s nothing to deter them from going after the good stuff.
But what if they first encounter a distraction? A honeypot that claims to contain the crown jewels but really is an early warning system. It’s one of the oldest yet most effective tricks in the book to lure cyber attackers away from their intended target.
It’s called Deception.
What is a honeypot?
A honeypot is a network service or file or device that looks like an application that might house valuable data. It’s basically screaming “over here!” The moment that a bad actor scans it, they’re busted.
Once detected, Deception alerts our Security Operations Center (SOC) before the attacker has a chance to take action. Even if they discover that the file or service or device is fake, it’s too late. Our team will immediately verify that it’s not a false positive and intervene before they can breach meaningful data. This all happens transparently to the victim.
You can’t stop every attack, but you can catch the bad guys in the act
Think of Deception as a sticky little trap that smells so sweet. Once used to investigate the behavior of attackers, these decoy-based intrusion detection technologies have become an increasingly important tool in our arsenal against attackers. Because a honeypot or honeytrap serves no purpose to the users on the network, there is no legitimate reason why anyone would interact with making it so valuable for early detection – and the perfect compliment to BlackCloak’s other concierge cybersecurity and privacy services.
Talk to a member of the BlackCloak team to learn more about Deception as part of a holistic cybersecurity & privacy program.