Let Them Eat Data...

DataHeist is a countermeasure security system designed to be implemented quickly and easily within your current network infrastructure. It is a system that is made to be compromised and to provide hackers with realistic data that serves as a traceable payload in the underground networks.

DataHeist consists of the following parts: a Windows-based virtual machine, a web site, a SQL database, and an alert system. The web site and database work in conjunction to make hackers believe that they have infiltrated your security. We leave a series of "breadcrumbs" leading a hacker to explore and compromise the system to gain access to the database. We also recommend that you leave some additional "breadcrumbs" on your production systems that lead snoops, hackers, and crackers to the DataHeist system.

The faux web site is made to look like a test site created by programmers as a backdoor into the system. What hackers really want is the data that is stored in the database, so the payload is weakly protected but provides just enough challenge to serve as a validated reward to the hacker. The realistic database contains tens of thousands of non-working credit card numbers, fake names, non-valid email addresses, realistic addresses with matching zip code and state, phony UPS tracking numbers, bogus logins and passwords, mock phone numbers, non-valid social security numbers, and more.

Bait, Catch, Reset...

Once the database has been compromised, you are alerted that the information has been accessed and has been released into the wild. You can now start to lock down your real production system and take other actions against the intruders. You can reset the Virtual Machine back to its shipping state and even load a fresh backend database with all new uncompromised data ready for the next attacker.

DataHeist is made to complement other types of security systems such as Web Application Firewalls and Intrusion Detection Systems as part of your PCI compliance tasks. However, if you don't have those systems, the DataHeist Security Suite still makes an attractive target to ferret out unknown risks both internally and externally.

Unhide in Plain Sight

Get the bees to your honeypot by leaving a trail for hackers and snoops to follow. Catching SQL injection attempts and redirecting them to the DataHeist system, bogus remarks in code, obvious labeling, internal emails, false infrastructure diagrams, and other "breadcrumbs" are great ways to start to divert and distract hackers. We include some templates to get you started.

DataHeist is designed to deploy easily into any infrastructure environment and to rapidly start presenting itself as an attack target. The VMware-based image enables simple and fast deployment without requiring complex software installations.

 

Realistic Data Sets

The traditional honeypot system is easy for hackers to spot, and tools exist that hackers are using to identify a honeypot. Once they realize they are on a honeypot system, they're off to the next target. A realistic dataset and system image keep hackers interested and divert attention away from your real backend data.

Invalid Credit Cards: Bogus Visa, MasterCard, American Express, and Discover numbers all pass validation rules. Includes bogus CVV2 values and PIN numbers. (Note: credit cards are not valid and cannot actually be used, nor should you attempt to use them.)

Invalid Names, Phone Numbers, and Addresses: Realistic first names and last names with simulated phone numbers. False US-based addresses have street names and cities with matching ZIP codes and states.

Invalid Social Security Numbers: Stored SSNs pass validation rules, but aren't valid numbers.

Invalid UPS Tracking Numbers: Stored UPS Tracking Numbers pass hash-based validation but aren't valid shipments.

Invalid Email Addresses: Saved email addresses are correctly formatted and weighted for large ISPs but aren't valid email addresses.

Invalid Login Information: Usernames and passwords are realistic. 
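How decoy card numbers that "pass validation rules" can also act as tripwires, shown as an added example that is not part of DataHeist or the original page: it builds Luhn-valid decoy numbers and then flags any of them that turn up in log or dump text. The 400000 prefix, the function names, and the sample lines are assumptions constructed for the illustration.

```python
import random
import re

def luhn_check_digit(partial: str) -> str:
    """Return the digit that makes partial + digit pass the Luhn checksum."""
    total = 0
    # Walk right to left; the digit next to the check digit is doubled first.
    for i, ch in enumerate(reversed(partial)):
        d = int(ch)
        if i % 2 == 0:
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return str((10 - total % 10) % 10)

def luhn_valid(number: str) -> bool:
    return number.isdigit() and luhn_check_digit(number[:-1]) == number[-1]

def make_decoys(count: int, prefix: str = "400000", seed: int = 1) -> set:
    """Build `count` unique 16-digit decoy numbers (placeholder prefix, random body)."""
    rng = random.Random(seed)
    decoys = set()
    while len(decoys) < count:
        body = prefix + "".join(rng.choice("0123456789") for _ in range(15 - len(prefix)))
        decoys.add(body + luhn_check_digit(body))
    return decoys

# 16 digits, optionally separated by spaces or dashes, not part of a longer digit run.
CARD_RE = re.compile(r"(?<!\d)(?:\d[ -]?){15}\d(?!\d)")

def find_decoy_hits(lines, decoys):
    """Return (line_number, card_number) for every planted decoy seen in `lines`."""
    hits = []
    for lineno, line in enumerate(lines, 1):
        for match in CARD_RE.finditer(line):
            digits = re.sub(r"[ -]", "", match.group())
            if digits in decoys:
                hits.append((lineno, digits))
    return hits

if __name__ == "__main__":
    decoys = make_decoys(1000)
    planted = sorted(decoys)[0]
    # Constructed sample lines: one ordinary test number, one planted decoy.
    sample = [
        "GET /checkout card=4111111111111111 status=200",
        "paste-site dump: name=J. Doe cc=" + "-".join(planted[i:i + 4] for i in range(0, 16, 4)),
    ]
    print(find_decoy_hits(sample, decoys))
```

Because only numbers in the planted set are reported, a sighting on a production log or an outside dump points back to the decoy database rather than to real customer data.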

 

A recent study shows that insiders caused more than 70% of all breaches in the U.S. and that hackers only represented about 1% of the intrusions.

DataHeist is made to mitigate both internal AND external exposures by leaking realistic-looking bogus data.




Screenshot of "leaked" data: