The largest Russian provider of digital services and services Rostelecom offered telecom operators to set traps for hackers - honeypots.
The concept of creating a new cyberattack warning system was presented at a meeting of the Information Security working group as part of the Digital Economy national project.
It is known that we are talking about creating special software that will simulate the vulnerability of the server, seeing which hackers try to hack the network of companies. At this time, the program will record all the actions of the attacker and send them to specialists. Experts of Rostelecom are sure that in this way it will be possible to collect information about new methods of hacking.
Operators must set these traps themselves and exchange data with other companies. At the same time, Rostelecom's concept does not imply state financing of the project, and the company does not specify the cost of the entire system.
According to the head of the Russian research center Kaspersky Lab Yuri Namestnikov, businessmen will incur minor expenses. Basically, the money will be used to select specialists and improve servers and security.
IT-experts call telecom operators one of the most interested users of honeypots. Positive Technologies expert Dmitry Kasymov said that telecom operator can’t be called secure in principle. "During the conduction security audits, we identify many vulnerabilities that allow attackers to leave subscribers without communication, listen to their conversations and intercept SMS, use communication services at their expense and even bypass the operator's billing systems.
These security flaws are already being exploited by hackers, even for stealing money from Bank accounts," explained he.
So, many Russian mobile operators supported Rostelecom's initiative to create a system of honeypots, as the infrastructure of these telecommunications companies still suffers from cybercriminals.
However, Kaspersky Lab experts warn that misuse of the honeypot concept can be dangerous. If you do not configure this type of system properly, it can become a source of additional threats to the network infrastructure.
