Dangers in luring hackers with honey

Dangers in luring hackers with honey

LAS VEGAS'Honeypots, or decoy servers and networks set up to lure hackers, are gaining enough sophistication to permit spying on hacker activity. But they might also create legal traps for their operators, a Justice Department lawyer said at the Black Hat Briefings here yesterday.

'Consult legal counsel before you set one up,' said Richard P. Salgado, a trial attorney in the department's Computer Crime and Intellectual Property section.

No operators of honeypots have been subject to federal prosecution or civil suits so far, Salgado said. But he added that three things should be considered before setting up a system to monitor intruder traffic.
  • Federal wiretap laws prohibit interception of electronic communications, including traffic monitoring across a network. There are exceptions for network protection, but Salgado said that is an 'uneasy fit' for honeypots, because they are set up with the expectation of being attacked.

  • An operator might be held liable for damages if a compromised honeypot is used to launch an attack against a third party. 'We don't know' if such liability would hold up in court, Salgado said.

  • A hacker charged with illegal activities involving a honeypot could argue entrapment, which Salgado said is a difficult defense. He said it might not apply to so-called passive honeypots.

The bottom line in honeypot law is, 'it's untested,' Salgado said. No federal case law exists, and researchers who use honeypots could find themselves trendsetters'in court.

About the Author

William Jackson is a Maryland-based freelance writer.

Stay Connected

Sign up for our newsletter.

I agree to this site's Privacy Policy.