Learning From the Honeypot: A Researcher and a Duplicitous Docker Image

When Larry Cashdollar set up a honeypot in a Docker image, he found behavior that was more enlightening than he had imagined.




Sometimes you don't swat the flies that buzz around your table. Sometimes you study them so that you can better swat the next round of flies. That's what Larry Cashdollar, senior researcher at Akamai, did when hackers swarmed a honeypot he deployed earlier this year. And what he saw were trends in hacking that might make life just a little more difficult for future cyber flies.


"I had set up a honeypot that was pretty much just a Docker image that I just made to look like an SSH Web server," Cashdollar says. More than that, though, he tried to make the image look as much like a full-fledged Linux server as possible. It was important for this bit of research that the attackers not realize they had successfully attacked a honeypot.


"What I wanted them to do was log in, think that it's either a compromised Linux host or a compromised Docker system, then stay there and drop their warez and do whatever it is that they're gonna do with a system once they compromised it," he explains.


What Cashdollar discovered was that the attackers followed patterns in how they attacked the honeypot, as well as patterns in what they did with the compromised system once they were inside.


One of the patterns Cashdollar noticed was that certain username/password combinations were associated with specific malicious actions. In a blog post on his research