Honeypots: Free psy-ops weapons that can protect your network before defences fail

The hackers breached the transport operator's systems and before they knew it had sent a passenger train hurtling into a wall. And the only reason you didn't read about it in the papers was that the systems were an entirely fictitious network created in 2015 to test just how far snoopers or crims would go in attacking vulnerable …

  1. Hans 1

    Great read

    Thanks, el reg, this one is an interesting piece I very much enjoyed reading!

    Keep 'em coming!

  2. tr1ck5t3r

    Personally I like all the trust placed in existing code that's used to configure systems. Why would a hacker target a system, when they can target Kali that's used to spread the malware? Another good example of this concept is all the trust placed in MS Windows, or AV software that's lifting files off your system without your knowledge.

    Use other people's authority to spread the malware amongst clients. When did a so-called security expert last check their systems? Nothing like hubris before a fall.

    So yeah, a honeypot is a valid technique, but is it the best?

    1. Mystic Megabyte

      >>So yeah, a honeypot is a valid technique, but is it the best?

      As we expected it got you to post, so yes it seems to work.

      1. tr1ck5t3r

        I'll reiterate what I have hinted and stated in roundabout ways before.

        This is like verbal chess, perhaps I had already factored that in and gave the response to play your prediction analysis, i.e. see my comment on Russia violence and Psychologists.

        Do you not think for one moment, the internet is like a massive data dump of human thoughts, waiting to be quantified by the militaries and educational establishments around the world. Let's face it, at no point in human history has it ever been possible to analyse the thoughts and actions of so many people en masse, whilst digital equipment is also able to give each and every person on this planet their own Truman show experience.

        The spooks love hacking, do you not think hacking the mind is their ultimate hack?

        "Hack the systems and nip things in the bud before they become a problem", isn't that verbatim one of the things I have said in the past?

        So can you really say what you say with any confidence or reliability other than stating, so far I'm playing the game? Do I agree with the rules? That's a different question. Having a vivid creative imagination is a powerful tool as many fiction writers amongst others will know, and whilst older and wiser people over the course of time and planning may think they have the upper hand as this technology has evolved and been rolled out, so far my suspicions are being confirmed, which is we are being spied on whether we like it or not! So experiments are poorly planned, some things are just too easy, some things are things normal (which can be read as average) people wouldn't do, even the development of less widely known phenomena exploited by religions has been an interesting form of obtaining data.

        Do you want to know what's giving the game away though?

        And yes I also remember a study whilst in the courthouse, but which study am I referring to?

  3. Pascal Monett Silver badge

    "a great experiment to analyze the adversary's moral limits"

    If you're counting on the moral limits of your opponents, you have nothing to do managing security.

    This is the Internet, the Wild West of human nature. Anything goes and there are no limits. Expect the worst and you'll never be surprised (maybe dismayed from time to time).

    1. Cuddles

      Re: "a great experiment to analyze the adversary's moral limits"

      "This is the Internet, the Wild West of human nature. Anything goes and there are no limits. Expect the worst and you'll never be surprised (maybe dismayed from time to time)."

      It's nothing to do with the internet, that's just the basic rule for dealing with humans. Just take a glance at the news and see all the murders, scams, and so on that show up every day. They're relatively rare, which is why they make the news in the first place, but give enough people the opportunity to do something horrible, and eventually one of them will take it. The internet opens up new ways to be horrible, but it doesn't change anything about basic human nature.

      1. strum

        Re: "a great experiment to analyze the adversary's moral limits"

        >Just take a glance at the news

        ...and remember that it's in the news because it's unusual, not because it's common.

        1. Charles 9

          Re: "a great experiment to analyze the adversary's moral limits"

          But what happens when a type of incident becomes SO common it's no longer newsworthy?

          1. Uffish

            Re: " incident becomes SO common"

            It becomes "an issue". You know what an issue is, you see them in the news.

            The thing is, most people want a decently good life, and take an interest in things that might aid or hinder that aspiration.

            1. Charles 9

              Re: " incident becomes SO common"

              Seems to me more like it becomes "normal" and gets ignored. Most people want a decently good life, but if "normal" stuff happens to other people, it just becomes noise.

      2. DJ Smiley

        Re: "a great experiment to analyze the adversary's moral limits"

        You've never had a button, which gave you the option to do something terrible, and no one would ever know, have you?

        That kind of power can change how people think. It's been shown again and again in psychological studies.

  4. John Smith 19 Gold badge

    Yes, a server with little or no user traffic would be pretty suspicious.

    So the devil's in the details in making it convincing.

    Excellent article

  5. s33k2track0

    Great article, and I've convinced my boss to allow me to build, configure and deploy a Pi-based honeypot on our internal network for an additional reason to monitoring malicious traffic: determining how effective the pen tests we pay for are. What sold him to the idea was he isn't a traditional IT security manager, he's from a governance and audit background, so this approach makes perfect sense to him. In his eyes, it's effectively a real-time audit. We work for a retail company, so value for money spent is critical. As the in-house security team is small, we outsource a lot, which isn't cheap. We want value for our money and this is a great way of clearly determining the actual value of the pen tests we pay for. The infosec budget is always under intense scrutiny, justifications are constant and this solution is cheap and effective, double win.

    1. netminder

      Sadly, my boss is ex-LEO & hearing "honeypot" only thinks "entrapment" because his solution to everything is to try and arrest the criminal. sigh

    2. Anonymous Coward

      >We want value for our money and this is a great way of clearly determining the actual value of the pen tests we pay for.

      Also a great way to check if your intrusion detection actually *works* :).

      Personally I add port tarpits on isolated servers - they deplete scanner resources as few have rewritten the IP stack underneath to counter that.

  6. Old Handle

    As far as the moral limits aspect, I'm doubtful that all (or perhaps any) of the attackers believed they were derailing and crashing real trains. They might have reasonably (and at least in this case correctly) concluded that there was no way a system that lets you derail trains would really be accessible over the internet.

    Great for headlines, but I wouldn't read too much into it. Also, wasn't there a movie about this?

  7. packrat

    better yet...

    honey-pot? it's called a rabbit garden.

    80% of vulns trace back to internal leaks. (idiot + corrupt users)

    like a firewall, better than nothing BUT...

    whitelist, not black.

    packrat

  8. Anonymous Coward

    Are we exaggerating this particular case?

    Where in the HoneyTrain PDF you linked does it say they actually managed to crash a simulated train?
