Project Honey Pot Finds Malware – And So Does MicroSolved’s HoneyPoint #Security Server

Project Honey Pot, a non-profit grassroots community of IT professionals founded in 2004 to capture and analyze malicious traffic, just captured its one billionth spam message. It is marking the opportunity by releasing its findings. They discovered that the number of computers co-opted as part of botnet operations has experienced a yearly average increase of 378%.

“Fortunately, Project Honey Pot’s coverage of active botnets has grown over time at an even faster rate. In 2006, we saw less than 20% of the active bots on any given day. Today we see more than 80%”, the Project said. Project Honey Pot is on a quest to find where spammers hide. They used the fact that botnet computers are primarily utilized for sending spam to do data analysis. It took the number of infected PCs in a country, divided by the number of Project Honey Pot members in the country, to create a ratio showing how friendly that country was to spam originating within its borders.

The Project also found that different types of spam campaign used harvested messages with varying speed. Product-based spam campaigns would build up a collection of harvested addresses for as long as a month before mailing them. On the other hand, they found that ‘fraud’ spammers who commit phishing scams, tended to send to and discard harvested addresses almost immediately.

We’re aware of these issues and have a potent weapon against such threats. Our HoneyPoint Security Server has been praised by our clients in helping them by providing more direct, targeted information on threats than anything they’ve experienced. HoneyPoint Security Server was born out of a three year initiative to break the attacker cycle. Its power and flexibility come from the underlying realization that attackers have a need for confidentiality, integrity and availability too. HoneyPoint leverages these needs and turns the tables on attackers at every opportunity.

While HoneyPoints seek to remove the confidentiality of attackers, we wanted to go beyond that basic approach. To accomplish this, MSI invented HornetPoints and HoneyPoint Trojans. HornetPoints also emulate typical services, but when they are probed, they don’t just alert – they engage in a patent- pending technique called “defensive fuzzing” that actively tampers with the attack results. In many cases, this actually breaks attacker tools and confuses all but the most focused of cyber-criminals.

HoneyPoint Trojans also make assaults on attacker integrity. These common appearing documents and files look just like any other juicy bits of target data, except these files hold a special secret – a sting. HoneyPoint Trojans alert security teams when they are interacted with, allowing you to find the source of illicit behavior and even track who is doing what as the Trojan is passed through the attacker underground. Imagine the impact that HoneyPoint Trojans have when attackers are afraid to read captured documents, unable to sort out what is real and what is a trap.

HoneyPoint Security Server can even target attacker availability. Using the incredibly flexible plugin architecture, it can easily be integrated with existing defense-in-depth tools such as routers, switches, firewalls and SEIM products. It can alert administrators for human responses or be a part of a fully automated security solution. Many of our clients depend on HoneyPoints and HornetPoints to drastically reduce their risk levels. Wouldn’t you love to stop wasting time by chasing ghosts and instead chase the real thing? Why not contact us today and let us help you do the same? Hackers aren’t waiting. Neither should you.

Leave a Reply