Have you ever set up a fake email to redirect all of your spam? It can be really useful to see where spam may be coming from, but mostly just to get it out of the way. There are security measures that can be enacted on websites that serve a very similar function.
When a server is being bombarded by network attacks from botnets (series of interconnected IoT devices that are hijacked by sophisticated hacking methods) internet security professionals may choose to lay a trap for the culprit.
This technique is often referred to as a sinkhole.
What’s a sinkhole?
Sinkholing is a technique that is used to redirect server traffic to a server of your choosing.
Say you have two servers. One is used for your small business operations; the other, a backup, can be set up for anything you like. If your small business servers begin receiving a deluge of unusual traffic, it is possibly a malicious botnet attempt by a hacker to overload your servers.
To avoid a server bandwidth overload, you can set up your backup server as a sinkhole to redirect the traffic. A competent internet security professional can set up the sinkhole server to record the IP address of all traffic and prevent botnets from sending and receiving commands with their original server while they are ‘stuck’ in the sinkhole.
Security professionals and law enforcement both utilize sinkholing to protect their clients and track down the culprits of large-scale network attacks.
How botnets can be thwarted by sinkholes
If you have any internet connected devices in your home they are known as IoT (Internet of Things). Because all of these devices have small processors and are connected to the internet, sophisticated hackers are able to hijack them and borrow their processing power to send “pings” to a network. Using this method, hackers can commandeer a device like your IoT coffeemaker or thermostat to help them hack into major networks.
Each of these IoT devices has fairly weak processing capabilities so they are often grouped together along with other computers that are being manipulated. This grouping is what’s known as a botnet.
When a network of botnet signals is directed to crash a server, they can behave very maliciously. By bombarding the server with network signals they can overload its bandwidth and cause severe lag or crashes. This is known as a DDOS attack.
Botnets can also send and receive signals for farther instruction once connected to a network. This is something that you definitely do not want, but this is also why sinkholes are so effective.
When a botnet device is redirected to a sinkhole, it can be made to neither send nor receive any signals via a firewall. Talented security professionals can even set up measures that track botnet outgoing signals so proper authorities can locate the source of the hack.
In this way, the sinkhole is pretty aptly named. It is basically a cyber black hole trap of which you are the one that decides the rules, and it can be a hacker’s worst nightmare to fall into.
Top 5 cyberthreats of 2018 and how to prepare for them
Make sure that 2018 isn’t the year hackers take down your company, or steal your identity. Check out the top 5 cyberthreats upcoming in 2018, and learn how you can be prepared.