| 45.05 Honeypot Application Services: |
| 1. The Application Service Provider (ASP) has a major advantage over in-house service providers in that the ASP operates a large number of different application services and can use attack vectors on one application service to protect other application services. |
| 2. Working in conjunction with major security corporations, many honeypot application services are operated to lure the hacker and reverse engineer the hackers attack methods. |
| 3. By fully understanding how a hacker may attack an application service that is deliberatly designed to be appealing to a hacker, hen a large number of production application services can be made more secure and block such attack methods. |
| 4. Criminal attacks may be seen as an arms race where criminals gain knowledge of new attack methods and ASP must stay one step ahead with even better defensive methods. |
| 5. The honeypot idea was created when it became a requirement to be able to switch a criminal from a production application service to a fake application service without anybody noticing. |
| 6. As a policy, reverse attacks are never carried out against attackers because that would be illegal. However it is reasonable and legal to redirect an attacker to an alternative application service that only holds fake data and is specifically designed to test the skill and tools of the attacker. The honeypot application will appear to have certain kinds of documented vulnerabilities that the attacker may imagine they are penetrating to access payment card and intellectual property data. By keeping the attacker working on nice little vulnerability clues, the scope of the attackers skills can be determined and any special tools that are used can be evaluated in real terms. |
| 7. The attacker may imagine they have cleverly stolen credit card, passwords and intellectual property and it may later be seen up for sale on the Internet. In fact, it is cleverly made up fake data that has been stolen and is being sold to other criminals. |