Honeypot OSINT for spies, secret agents and journalists…
First I want to make it clear that this information is purely academic and that in no way is the author of this document responsible for the malicious use of the information found here. The purpose of this post is just to share an idea that can be used in red team vs. blue team exercises and cyber championships and contests.
My honeypot idea for OSINT techniques consists of planting evidence of a location controlled by us in our dummy social networks, standard profiles and in any other type of registration that does not require the submission of some product.
- Creating the HoneyPot
The honeypot should be a house or apartment; sheds are also welcome, as long as the place makes it look like you (supposedly a target) operate from there.
The site should have methods to sound silent alarms for the site controller and, if possible, to obtain audio and video monitoring information.
The site must have methods of paralyzing the intruder in non-aggressive ways. (Paralyzing gases.)
There are many ways to build the right environment; IP cameras are excellent for getting visual access.
Alarms and other defense devices can be built with Arduino and Raspberry Pi.
Thanks to powerful wireless technology, all these devices can be spread around the house, positioned and triggered at the appropriate places, and connected to a remotely controlled computer. (For well-sponsored teams it is worth using a smart house.)
- Defenses against cyber-kinetic attacks
Protecting against cyber-kinetic attacks is difficult and expensive, so a real-time cloud backup system is necessary: use automatic backup systems and send the backups to the cloud in case you need to recover them.
The advantages of sponsoring an OSINT honeypot are several, allowing you to anticipate the enemy, discover their identity and intentions, and perhaps even capture them for interrogation.
The disadvantages are that it will cost some money to keep the honeypot in an unsuspicious location, and people may notice that the place is uninhabited and break in, so make sure you consider this when choosing the location. This level is for cyber agents supposedly at war, so hopefully you won't need to use it.