https://www.zdnet.com/article/ransomware-hackers-took-just-three-days-to-find-this-fake-industrial-network-and-fill-it-with-malware/
By Danny Palmer
ZDNet
June 11, 2020
Industrial control networks are coming under attack from a range of ransomware
attacks, security researchers have warned, after an experiment revealed the
speed at which hackers are uncovering vulnerabilities in critical
infrastructure.
Security company Cybereason built a 'honeypot' designed to look like an
electricity company with operations across Europe and North America. The
network was made to look authentic to entice potential attackers by including
IT and operational technology environments, as well as human interface
interface systems.
All the infrastructure was built with common security issues found in critical
infrastructure including internet-facing remote desktop ports,
medium-complexity passwords along with some customary security controls
including network segmentation.
The honeypot went live earlier this year and it was only three days until
attackers discovered the network and were finding ways to compromise it –
including a ransomware campaign which infiltrated chunks of the network, as
well as grabbing log-in credentials.
[...]
--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_
