I recently read an article on Tech Republic that described how the cybersecurity firm Norse Corporation is using a network of 80 million honeypots to track malicious activity on the web. A honeypot is a special computer or server that has been placed on the Internet to attract attackers, like Winnie-the-Pooh to honey. 80 million honeypots are going to track a lot of data, over 130 terabytes per day. This information is displayed on a pretty nifty Live Threat Map you can access online. This data is used in a security appliance of theirs called Dark Watch.
Norse released DarkWatch this week. DarkWatch is an attack intelligence offering available as either a virtual or hardware appliance that in addition to current threat detection will also detect what Norse calls, "virtualization-evading malware attacks using cloud vectors."
The article went on to describe all the methods used by Norse to search the web for emerging and ongoing threats and exploits. Norse also monitors:
- Internet Relay Chat (IRC
- Border Gateway Protocol (BGP)
- Peer-to-Peer (P2P)
- Crawlers
- Anonymous Proxies
- Open source
Again, this article is a deeper read for cybersecurity professionals or enthusiasts, but I strongly recommend it. What I liked about this article is that in a sea of seemly endless bad news about how cybercriminals are winning all the battles, that we can read about one way that cybersecurity professionals are making headway against this evil tide.
Share
AUG
About the Author:
I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at http://wyzguyscybersecurity.com