Have you heard of web beacons? You likely interact with them daily if you browse the internet a lot. They are invisible files embedded on websites or emails that trigger a GET request from the user that interacts with them. Above all, web beacons are techniques to track your activity without any malicious intentions.
Many marketing and analytics companies use web beacons to keep track of website visits or advertisement clicks. Also, they’re used in emails to count the people who have read them. An instant response is sent back to the one who set up the web beacon once someone triggers it. The response usually contains the IP address and time of opening the email or website.
Even though some people call them “spyware”, you shouldn’t be worried about the web beacons you encounter on popular websites. They are purely used for statistics and getting to know how well the business is going. This article will go through a method to use web beaconing with canary tokens to detect threats. We will also set traps for hackers and know whenever our personal information is exposed.
How Canary Tokens Work?
Canary tokens’ ironic name comes from how canaries were used to detect toxic gases in mines before people get hurt. But in the world of cybersecurity, the term “canary tokens” is a phrase used to describe a type of trap that is used to detect when a hacker is trying to access a computer system. It’s not a defensive mechanism but works as an efficient threat detection mechanism. If your system has been breached, you’ll likely know as soon as it happens.
Canary tokens typically consist of a small piece of software that’s placed on a system, and the software’s job is to check to see whether the system has been accessed. If the system hasn’t been accessed, the canary token will continue to check the system regularly, and if it detects that the system has been accessed, it will alert the system’s owner.
Setting Up Canary Token Traps
Setting up a canary token trap is pretty easy. You just need to install the software on a computer or server, and then you can start monitoring the computer and see whether it has been accessed. But first, let’s see what hackers search for:
- Personal Information
- Company Information
- Credit/Debit Card Details
Those are the main three. In order to catch a hacker, you’ll need to disguise your trap as sensitive data. You can go on canarytokens.org and create a Microsoft Word document with a canary token. Input your email to get notified whenever someone opens your file and set a message to receive whenever someone opens this particular file.
You can do the same with URLs, images, excel, pdf files, and more. Traps are easy to create, but in order to work, you need to lure the hacker. Create enough traps and label them as “personal information” or “passwords”, etc. If your system has been penetrated and a hacker opens them, you’ll instantly know that.
More Canary Token Uses
We’ve already mentioned a few ways to use canary tokens, but that’s not all! We can’t go through all of them, but we’d like to go through them a little bit more. When using canary tokens in an URL, you can track a website’s activity. While monitoring the users, you can also get to know their location. This is indeed useful for global companies.
Using canary tokens in an SQL server, you can get notified whenever an SQL query is performed on a database. Any UPDATE, SELECT, DELETE, and INSERT queries will be reported back to you. If you’re using AWS, you can also track your API key access.
Hackers’ Point of View
Whenever a hacker enters your system, he will search for any information that would bring him profits. Most of the time, sensitive data can be found in My Documents. That’s a great location to place a trap. If you catch the hacker and blacklist his IP address as soon as he opens your first trap, any other information will likely stay safe.
Yet, the hacker won’t know he’s exposed, so that you won’t have much time. Time’s crucial here, and if you have sensitive data, you’d better hurry. He will be exploring your PC for as long as you take to deny his access.
What’s Next?
After you set traps correctly and try them out yourself, you can relax as you’ll get notified whenever a hacker penetrates your system. Try opening each one of your canary token traps as soon as you create them. If you get an email, then it’s working all good.
Conclusion
Canary tokens offer a free and easy threat detection system for your devices. You can put it on mobile devices, laptops, computers, servers, URLs, and more. Organizations usually take weeks or even months to detect a data breach.
We’d like to recommend that you create a strong password for your system. Even if your computer is infected with a Remote Access Trojan (RAT), the password could prevent any access when you’re away.
However, canary tokens on word won’t grant you high security or guaranteed response. They can be bypassed if the hacker has a careful approach. To do so, he’ll need to inspect the file using peepdf for Kali Linux. It takes time, and hackers don’t usually go through so much trouble. They’d instead copy all sensitive-looking information on your computer and go through it later.