Thinkst Combats Sophisticated Network Attacks with Canary Tools and Tokens
Thinkst, a cybersecurity firm, has witnessed a surge in advanced attacks on network infrastructure. Cisco Talos reports a rise in espionage attempts from China and Russia. Thinkst counters this with Canary Tools, honeypots that mimic real systems, and free Canary Tokens, tripwires alerting suspicious activity.
Thinkst's Canary Tools are honeypots that emulate full-blown systems, including personalized, private Canarytoken servers. These tools help detect intrusions by mimicking real systems and alerting when accessed. Cisco Talos has observed attackers using basic commands like 'show config', 'show interface', and 'show route' to understand a router's network perspective, underscoring the need for such tools.
Thinkst also provides free Canary Tokens, acting as virtual tripwires. These tokens are innocuous to attackers but serve as lures, alerting when they are accessed or specific files are opened. They can detect both external attackers and red teams, and are effective against initial intrusions. Thinkst offers nearly two-dozen free customizable tokens, including web bug/URL tokens, DNS tokens, AWS tokens, and custom exe tokens. These tokens can be embedded inside regular files and act like web beacons or web bugs that track when someone opens an email.
With escalating high-sophistication attacks on network infrastructure, Thinkst's Canary Tools and Canary Tokens provide robust solutions. These tools can help detect initial intrusions, prevent data theft and ransomware attacks, and alert unauthorized access in production environments. By setting virtual tripwires, companies can better safeguard their networks and respond swiftly to potential threats.
