Steve Schmidt is the chief security officer at Amazon. He’s in charge of safeguarding everything from classified government contracts to your Amazon orders. Among his secret weapons? A sprawling network of decoy systems — thousands of digital traps that lure hackers into revealing themselves. It’s called MadPot, and it recently helped expose one of the most sophisticated cyber operations ever linked to China: Volt Typhoon.
The Click Here podcast spoke with Schmidt about honeypots, AI’s role in cyberdefense, and why he believes the biggest vulnerability isn’t in the code. It’s in the people. The interview has been edited for clarity.
CLICK HERE: Can you talk a little bit about MadPot, what is it and how does it work?
STEVE SCHMIDT: MadPot is a honeypot network. A honeypot is a computer system that's been specifically built to be attacked. So it's designed to attract adversaries by presenting the image that it's a vulnerable computer system. Adversaries then probe for it. They find it. They interact with it and they often deploy their tools to it in an effort to exploit the system. It's a super important part of our overall intelligence apparatus because it allows us to identify what our adversaries are interested in, the tools that they're using, the techniques that they use, and even down to which one of our customers might they be going after.
CH: How often do adversaries actually interact with these honeypots?
SS: It is absolutely constant. So to give you some relatively scary numbers, we operate some 10,000 of these things around the internet right now. It takes about 90 seconds for one of these honeypots to be probed by an adversary — from when it goes online, within three minutes adversaries are trying to exploit it. So whenever I hear anybody saying, "Oh, I'm gonna put something on the internet, but nobody will know it's there and it'll be safe because it's innocuous" — you’ve actually got 90 seconds before someone knows.
No comments:
Post a Comment