Legal ramifications of anti-hacker honeypots

hacker
Credit: CC0 Public Domain

In the context of information technology, IT, a "honeypot" is an attractive online destination usually established to attract malicious third parties who then, assuming they have reached a valuable resource unwittingly reveal details about themselves in order to access what they perceive is within the honeypot. A honeypot might also be referred to as a honeytrap.

However, writing in the International Journal of Information and Computer Security, US researchers caution that the use of a honeypot to gather personal or private data albeit of a malicious third party, or hacker, may well be in breach of local and perhaps even federal laws in some situations. Use of a honeypot may also leave the operator open to issues of legal liability because of the deception that is the honeypot by definition.

Also, by opening a honeypot on a system it might attract hackers who then find a way to access the genuine parts of the network or other system and so compromise that legitimate content in some way, exposing the honeypot operator to liability for damages caused.

Having recognized the putative legal implications of operating a honeypot, the team offers recommendations for how to detect and deceive malicious third parties who may be attempting to fraudulently access the actual online resource without compromising the operator. Moreover, by taking a properly legally compliant approach to a honeypot, the evidence accrued from third parties might then ultimately become useful and admissible in the prosecution of that third .


Explore further

Hiding the honeypots: Is it possible to hide honeypot traps from Botnet drones

More information: Adam J. Brown et al. What's in your honeypot: a privacy compliance perspective, International Journal of Information and Computer Security (2019). DOI: 10.1504/IJICS.2019.099443
Provided by Inderscience
Citation: Legal ramifications of anti-hacker honeypots (2019, May 9) retrieved 19 May 2019 from https://phys.org/news/2019-05-legal-ramifications-anti-hacker-honeypots.html
This document is subject to copyright. Apart from any fair dealing for the purpose of private study or research, no part may be reproduced without the written permission. The content is provided for information purposes only.
9 shares

Feedback to editors

User comments

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more