Overabundant honeypots present cyber data accuracy challenges

SiliconAngle reports that over 240,000 hosts are being identified by a Shodan search to be Confluence servers even though the total number of internet-exposed Confluence servers is only about 4,000. Such a discrepancy signifies the excessive number of Confluence honeypots, or decoy systems made to impersonate legitimate software in a bid to attract threat actors, which could result in the overestimation of possible risks facing Confluence servers, a report from VulnCheck showed. Researchers emphasized the value of precision in determining the number of hosts that could be affected by potential vulnerabilities, noting that overinflating figures could prompt reduced focus on real cybersecurity threats. "Honeypots are a net good for the security community but their expanding popularity does make understanding real-world attack surfaces much more difficult for defenders, not just attackers," said the report, which noted that other software and apps are also plagued with an overabundance of honeypots.