Once cybercriminals have gained access to a computer network, they need to find sensitive data worth stealing or encrypting. At this point in the attack kill chain, defenders have a window of opportunity to spot and contain the attack. Savvy hackers, however, know how to use living-off-the-land techniques that can be indistinguishable from normal network activity.
This is where cyber deception techniques prove useful. Defenders can create digital assets that look irresistible to attackers but act like tripwires, triggering enterprise security alerts.
The honeynet is the largest version of this kind of cyber decoy, consisting of a whole network of computers that appear to be sensitive targets. The next step down is a honeypot, a single computer or VM. The most granular type is the honey token, which could be an individual file or even an email address or user account. Honey tokens are sometimes called honey credentials, canary traps or canary tokens.
Falanx Cyber Security Limited (LON:FCS) provides enterprise-class cyber security services and solutions. They deliver end-to-end cyber capabilities, either as specific engagements or as fully-managed services.