Mykonos’s motto is two-fold.
When you think of protecting a website from hackers, the first thing that comes to mind is probably blocking them out. But what if you just led them on a wild-goose chase, feeding them nuggets of false information and leading them down dead-ends until they get fed up and go do something else?
That’s the strategy behind Mykonos Software’s security program, which takes a “step right in, let me fetch you a cup of tea and bore you to tears” approach to protection. The tool identifies individuals who are running common searches for security weaknesses on a site, logs their information, and continues to play them for suckers by dribbling out a breadcrumb trail that appears to yield passwords and other tasty vulnerabilities, but ultimately leads nowhere. CEO David Koretz explained to Tom Simonite at Tech Review the various ways in which the software plays with attackers:
A scan that might usually take five hours could take 30, Koretz says. Other tactics include offering up dummy password files, which can help track an attacker when he or she tries to use them. “We’ll let them break the encryption and present a false login page. We have the ability to hack the hacker,” says Koretz.
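The dummy-password-file tactic described above, sketched as an added example (not Mykonos's code, and not from the original post): each session that fetches the dummy file is served its own decoy credential, so a later login attempt with it can be traced back to that session. The key, session IDs, IP addresses and function names are constructed for illustration.

```python
import hashlib
import hmac

# Assumption: a server-side secret used only for deriving decoy credentials.
DECOY_KEY = b"constructed-demo-key"

def decoy_credential(session_id):
    """Derive a decoy (username, password) unique to one visitor session."""
    tag = hmac.new(DECOY_KEY, session_id.encode(), hashlib.sha256).hexdigest()
    return "svc_" + tag[:8], tag[8:24]

def build_decoy_index(fetching_sessions):
    """Map each issued decoy username to (password, session it was served to)."""
    index = {}
    for session_id in fetching_sessions:
        user, password = decoy_credential(session_id)
        index[user] = (password, session_id)
    return index

def detect_decoy_logins(login_attempts, index):
    """Flag login attempts that present a decoy username; no real account has one."""
    alerts = []
    for attempt in login_attempts:
        issued = index.get(attempt["user"])
        if issued is None:
            continue
        password, origin = issued
        alerts.append({
            "origin_session": origin,      # who was served the dummy file
            "login_ip": attempt["ip"],     # where the credential resurfaced
            "password_matched": hmac.compare_digest(password, attempt["password"]),
        })
    return alerts

def demo():
    # Constructed sample data: two sessions fetched the dummy password file.
    index = build_decoy_index(["sess-a1", "sess-b2"])
    user, password = decoy_credential("sess-a1")
    attempts = [
        {"user": "alice", "password": "hunter2", "ip": "192.0.2.10"},
        {"user": user, "password": password, "ip": "198.51.100.7"},
    ]
    return detect_decoy_logins(attempts, index)

if __name__ == "__main__":
    for alert in demo():
        print(alert)
```

Because the credential is derived from the session that was served the file, the alert links the two events even when the login comes from a different address.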
Marconi and assistants erecting a radio antenna.
They call themselves hacktivists. Or they say they’re doing it just for the lulz: Some hackers take over sites, swipe users’ information, and then post their exploits online just to make the point that hey, you losers aren’t as safe as you thought you were. Better fix that gaping hole in your electronic chain link fence.
It may seem like the kind of public embarrassment only possible in the networked age (at least, Sony probably remembers the era of the Walkman a lot more fondly than this last mortifying year of being hacked again and again), but as Paul Marks writes in New Scientist, it ain’t necessarily so. Just ask Guglielmo Marconi, the inventor of the wireless telegraph.