The Net fights back with honey traps

The number of attacks this year on high profile Web sites has shown that e-commerce companies could feel almost defenceless against those who are determined to cause harm.

It is commonly known that there are no iron-clad defence strategies that can completely protect sites, except disconnection. But this does not mean that e-commerce is doomed. It only means that we need to move on from the old methods of securing the Net.

It is now necessary to prevent attacks before they happen, rather than reacting to the actions of virtual bandits. One way of doing this is to put in place systems which actively work to assist the police, so increasing the risk of conviction for hackers.

The term Honey Pot may therefore soon become a term hackers dread. It refers to a complex trap, within a firewall, which is activated once an intruder is detected trying to access confidential information, such as credit card details. Unauthorised traffic arriving at the site is diverted to a decoy site, which looks the same as the back office of the real thing, where they will be able to deface the decoy area and steal false data.

Once they are in the Honey Pot, a tracer is activated which can locate the attacker and contact police, and potentially they could be caught even before they finish their attack.

This kind of development is an important step in the creation of a safe Internet. Not only because it is effective practically, but it also works on a psychological level as well. Hackers can no-longer rest easy safe in the knowledge that if they try and fail to hack a site, they haven’t lost anything. It means that now it’s much harder for them to tell whether they have really been successful, or if they should be expecting a call from the long arm of the law.

This year, more aggressive security software can be expected, as big business moves to defend its hard-earned and expensive brands. They will no-longer be prepared to risk multi-million pound reputations on the ability of software to merely stop hackers. They will want to make sure these vandals don’t even think about trying. Their shareholders and customers would expect nothing less.