Honey Traps, Polymorphs and the Future of Online Security

You doubtless have antivirus software running behind a firewall, but how safe, really, is your company server?


Even U.S. government computers have been hacked, not to mention the dozens of banks and businesses that fall victim publicly and embarrassingly. They all have firewalls and virus-prevention programs, so what went wrong?

Tempting Targets

The simple answer is that they made themselves tempting targets. Whether it’s foreign spy networks, identity thieves, or just malicious hackers, the reward for breaking into highly visible or valuable systems draws ne’er-do-wells like ants to a picnic. That attention is the price such organizations pay for success (or power). Hackers are willing to put large amounts of time and effort into breaking into these systems because the payoff is big. They look for weaknesses in security systems, backdoors left unlocked, or simply run “brute-force attacks” that keep trying passwords or keys until one gets past a system’s safeguards.

Because of the amount of damage that can be done to these systems, a great deal of effort is going into preventive measures to foil even the most determined attackers. Researchers at both the private and governmental levels are developing new tools to stop breaches that make it through firewalls. Two of the more interesting, and promising, are honey traps and polymorphic transformations. One is alluring and seductive; the other is a cyber shape-shifter.

Honey Traps

A honey trap is just what the name implies; it lures hackers into what looks like a tempting and vulnerable place and traps them there long enough for the cavalry to arrive and wipe them out.

By planting fake clues such as false credentials to tempt hackers, a honey trap slows an attack with misdirection, gets them to reveal their credentials, and alerts the system that it’s under attack, setting off tools to prevent them from getting farther into the system. Honey traps are part of a larger set of “deception technologies” designed to identify and stop attacks that have already breached an organization’s firewall.
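As an added illustration (not code from the Unleaded Group or this article), here is the detection half of a honey trap: a monitor that treats any login attempt against planted decoy accounts as an intrusion signal, records an alert and bans the source address. The decoy account names, the sshd-style log lines and the ban list are all constructed for the example.

```python
import re
from dataclasses import dataclass, field

# Constructed decoy accounts: pure bait that real staff never use, so any
# login attempt naming one is a strong sign of an intruder.
HONEY_ACCOUNTS = {"backup_admin", "svc_legacy_db"}

# Constructed sshd-style authentication lines (format assumed for illustration).
SAMPLE_LOG = """\
Mar 14 09:01:12 web1 sshd[2211]: Accepted password for alice from 10.0.0.5 port 51022 ssh2
Mar 14 09:02:40 web1 sshd[2230]: Failed password for backup_admin from 203.0.113.7 port 40211 ssh2
Mar 14 09:02:43 web1 sshd[2231]: Failed password for invalid user svc_legacy_db from 203.0.113.7 port 40212 ssh2
Mar 14 09:05:00 web1 sshd[2240]: Accepted password for bob from 10.0.0.9 port 51030 ssh2
"""

# Extract user name and source address; lines that do not match are ignored.
LINE_RE = re.compile(
    r"sshd\[\d+\]: (?:Accepted|Failed) \w+ for (?:invalid user )?(\S+) from (\S+) port"
)


@dataclass
class HoneyTrapMonitor:
    honey_accounts: set
    alerts: list = field(default_factory=list)  # one entry per decoy hit
    banned: set = field(default_factory=set)    # source addresses to block

    def process_line(self, line):
        """Return the banned source address if the line touches a decoy, else None."""
        m = LINE_RE.search(line)
        if not m:
            return None
        user, src = m.group(1), m.group(2)
        if user not in self.honey_accounts:
            return None  # legitimate account: no action, no noise
        # Success or failure is irrelevant; merely trying a decoy is the signal.
        self.alerts.append({"user": user, "src": src, "line": line})
        self.banned.add(src)
        return src

    def process_log(self, text):
        """Scan a whole log; returns self so alerts and bans can be inspected."""
        for line in text.splitlines():
            self.process_line(line)
        return self


def run_monitor(log_text=SAMPLE_LOG):
    return HoneyTrapMonitor(set(HONEY_ACCOUNTS)).process_log(log_text)
```

Because the decoy accounts have no legitimate users, the rule produces no false positives on normal traffic, which is what makes this kind of alert worth acting on automatically.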


Polymorphs, on the other hand, are designed to prevent the breach in the first place. They do this by randomly changing the structures of applications running on the system. Because hackers look for data structures of specific, known types, a “morphed” program no longer matches what they expect and is overlooked. And because the changes are randomized, hackers cannot learn the structures in advance to mount an attack.

Several of these technologies are offshoots of research done by government agencies that have moved into the private sector, with U.S. and Israeli companies often leading the way. Other, simpler methods are also in use that at least deter brute-force attacks, although they will not prevent intrusion if a passcode is already known. Apple’s system has been front-page news lately for its timeout feature, which imposes increasing delays between passcode entries and makes brute-force attacks impractical. Plus, it wipes the phone completely after ten unsuccessful attempts, a feature that would obviously be disastrous for business systems.

Firewalls, Passwords and Safe Browsing

Hack attacks have evolved into a cat-and-mouse game with each side trying to stay ahead of the other. But how does this affect your business?

“Firewalls are still a very important security layer,” according to the Unleaded Group’s president, Jarod Clark. “We recommend a firewall that will automatically detect and ban malicious activity. We are seeing a huge increase in hacking attempts and staying fully up to date and patched is important.”

Exercising strong password policies, using difficult passwords and regularly changing them, never emailing them, and not sharing accounts within a company are also important, according to Clark. Beyond that, companies using e-commerce software such as Magento can self-test their systems and set administrative access in ways that make break-ins harder.

He also cautions against linking WordPress blogs directly to company websites since WordPress is comparatively weak at stopping hackers. “Once hackers compromise WordPress, they can get server-level access if it’s linked to the company site,” Clark says.

Whether at work or at home, be sure everyone on the network practices safe browsing. And don’t forget that common sense is your best defense. Firewalls and antivirus software are good, but they’re not perfect. If a link looks strange, don’t click it. If a site looks suspicious, don’t go there. If an app isn’t well documented, don’t download it.

As a global leader in high-performance e-commerce web development, the Unleaded Group takes security seriously. We constantly monitor the latest developments in internet security. We have best-practice security measures in place for both our facilities and the data on premises. State-of-the-art backup systems protect data both onsite and in the cloud.