I recently read an article on Tech Republic that described how the cybersecurity firm Norse Corporation is using a network of 80 million honeypots to track malicious activity on the web. A honeypot is a special computer or server that has been placed on the Internet to attract attackers, like Winnie-the-Pooh to honey. 80 million honeypots are going to track a lot of data, over 130 terabytes per day. This information is displayed on a pretty nifty Live Threat Map you can access online. This data is used in a security appliance of theirs called Dark Watch.
Norse released DarkWatch this week. DarkWatch is an attack intelligence offering available as either a virtual or hardware appliance that in addition to current threat detection will also detect what Norse calls, "virtualization-evading malware attacks using cloud vectors."
The article went on to describe all the methods used by Norse to search the web for emerging and ongoing threats and exploits. Norse also monitors:
- Internet Relay Chat (IRC
- Border Gateway Protocol (BGP)
- Peer-to-Peer (P2P)
- Anonymous Proxies
- Open source
Again, this article is a deeper read for cybersecurity professionals or enthusiasts, but I strongly recommend it. What I liked about this article is that in a sea of seemly endless bad news about how cybercriminals are winning all the battles, that we can read about one way that cybersecurity professionals are making headway against this evil tide.Share