When it comes to stopping digital intruders, Canary by Thinkst is the last line of defense a network has.
Cyber-attacks happen every day, and they cost companies a lot of money. Juniper Research predicts cyber-attacks will cost businesses a combined $2 Trillion by 2019.
The security landscape loaded with products aimed to stop such things from happening. No matter how good your defenses are, the bad guys are always finding ways to penetrate the perimeter.
Look at the recent cyber-attacks on companies like Target and Sony. In Target’s case, attackers installed malware on Target’s entire network, stole 40 million credit card numbers and in total cost the company $252 million in damages. The attack on Sony cost $35 million after malware destroyed their financial and IT systems.
Both attacks were by hackers who gained access to the targeted systems days in advance and went unnoticed. Canary is designed to stop that.
Canary is a honeypot. A honeypot is a computer system that is set up to act as a decoy to lure cyber-attackers and to detect, deflect or study attempts to gain unauthorized access to information systems.
Like the classic canary in the coal mine, this canary warns you of danger you might not notice.
Canaries are deployed inside your network and communicate with the hosted console through DNS. The only network access your Canary needs is to a DNS server that’s capable of external queries, which is much less work than configuring border firewall rules for each device.
Just choose a profile for the Canary device (such as a Window box, brand name router, or Linux server). If you want, you can further tweak the services your Canary runs. Perhaps you need a specific IIS server version or OpenSSH, or a Windows file share with real files constructed according to your naming scheme (say, 2016-tenders.xls). Lastly, register your Canary with our hosted console for monitoring and notifications.
The only thing left to do is wait. Attackers who have breached your network, malicious insiders and other adversaries make themselves known by accessing your Canary. There’s little room for doubt. If someone browsed your fileshare and opened a sensitive-looking document on your Canary (\fin_srv_02\Planning\2016_forecasts.xls), you’ll immediately be alerted to the problem.