
Details Behind the NBC Honeypots: Part 2

  • Posted on: February 7, 2014
  • Posted in: Security
  • Posted by: Kyle Wilhoit (Senior Threat Researcher)

Recently, I was asked by NBC to participate in an experiment to deploy honeypots in Moscow, Russia, to see how fast they would be compromised. Taking a few steps from my previous blog, this post is intended to clarify some items; in addition an accompanying white paper will discuss the technical details behind the incidents that occurred. Click here to read “Experiment Shows Russia is Still a Hotbed of Nefarious Digital Activity: Part 1.”

First, all the attacks required some kind of user interaction. Whether to execute “applications” or to open a Microsoft Word document, all the attacks shown required user interaction in order to compromise the device.

Second, these attacks could happen anywhere. They would not just happen in Moscow, nor did it require us to be in Moscow. Whether those attacks occur while you are sitting in a coffee shop in Berlin, or your home in Tokyo, these types of attacks can and do occur, on a worldwide scale.

Third, the infections occurred on newly unboxed hardware. Had basic security precautions such as updating the operating system or not opening emails from unrecognized sources been done, these attacks could have been prevented. A more detailed NBC video explaining these precautions can be seen here.

Finally, to reiterate, while all three devices looked like they had been compromised with no user interactions, that was just not the case. Incorrect impressions may have been formed due to the editing process; no zero-days were used and all infections required plenty of risky behavior to succeed.

This blog post and the accompanying white paper both recommend various security best practices that most experts follow, and have been part of our advice to the general public for many years.
