Sophos, an IT and network security company, conducted a study entitled “Exposed: Cyberattacks on Cloud Honeypots”. The study involved placing servers in 10 of the most popular data centres around the globe.
The servers were ‘honeypots’ configured in an open and vulnerable way to lure a cybercriminal attack. The study included both ‘low-’ and ‘high-interaction’ honeypots. The low-interaction honeypots logged and stored log-in attempts, providing information on a hacker’s IP address and the username and password used during the attempted log-in.
The high-interaction honeypots allowed further interaction with the hacker to try and gather information about the administrative commands made by the hacker after they managed to log in.