Security News > 2020 > January > Fake Smart Factory Honeypot Highlights New Attack Threats
A honeypot set up to observe the current security landscape in smart manufacturing systems observed numerous threats-including cryptomining malware and ransomware-in just a few months, highlighting the new threats that industrial control systems face with increased exposure to the internet.
To further study these threats, researchers with Trend Micro simulated the fake smart factory system last year in what they called "Our most realistic honeypot to date," according to their report.
The attacks started about two months after the honeypot went live on May 6, 2019; researchers kept the honeypot active through the end of the year.
The first attack came in July when researchers observed an attacker enter the system and download a cryptocurrency miner.
A unique attack in November disguised itself as a ransomware campaign, but actually was just a threat actor renaming filings so that two days later he could re-enter the system to delete files and leave open tabs of a porn site on the desktop.
News URL
https://threatpost.com/fake-smart-factory-honeypot-highlights-new-attack-threats/152170/
Related news
- Current attacks, targets, and other threat landscape trends (source)
- New Eucleak attack lets threat actors clone YubiKey FIDO keys (source)
- Cisco Fixes Two Critical Flaws in Smart Licensing Utility to Prevent Remote Attacks (source)
- Microsoft Identifies Storm-0501 as Major Threat in Hybrid Cloud Ransomware Attacks (source)