"Fake Factory Experiment Illustrates Attackers' Tactics"

An experiment carried out by researchers at Trend Micro further demonstrates the increased interest that attackers have in targeting industrial control systems, as well as how skillful these attackers have become at executing attacks on such infrastructure. In the experiment, researchers set up a network of honeypots to act as a "smart factory," consisting of programmable logic controllers, human-machine interfaces, and other components commonly used with industrial control systems. A fake website was also created for the fictitious factory to give it a backstory and attract attackers. The researchers used the honeypots to track hackers' movements, tools, and techniques. During the experiment, researchers observed a malware-based cryptomining attack. They also saw two instances of ransomware infection with the first using a strain called Crysis and the second using a strain known as Phobos. Their findings call for organizations that run industrial control systems to re-evaluate and strengthen their security measures and defenses. This article continues to discuss how researchers set up the virtual factory, the types of attacks captured in this experiment, and the importance of improving industrial system security practices. 

GovInfoSecurity reports "Fake Factory Experiment Illustrates Attackers' Tactics"