Trend Micro Creates Factory Honeypot and Traps Malicious Attackers

January, 22/2020 - 02:51
Trend Micro Creates Factory Honeypot and Traps Malicious Attackers

Six-month investigation results can help inform protection strategy for industrial environments

 

HONG KONG, CHINA - Media OutReach - 22 January 2020 - Trend Micro Incorporated (TYO: 4704; TSE: 4704), a global leader in cybersecurity solutions, today announced the results of a six-month honeypot imitating an industrial factory. The highly sophisticated Operational Technology (OT) honeypot attracted fraud and financially motivated exploits.

 

The six-month investigation revealed that unsecured industrial environments are primarily victims of common threats. The honeypot was compromised for cryptocurrency mining, targeted by two separate ransomware attacks, and used for consumer fraud.

 

"Too often, discussion of cyber threats to industrial control systems (ICS) has been confined to highly sophisticated, nation-state level attacks designed to sabotage key processes. While these do present a risk to Industry 4.0, our research proves that more commonplace threats are more likely," said Greg Young, vice president of cybersecurity for Trend Micro. "Owners of smaller factories and industrial plants should therefore not assume that criminals will leave them alone. A lack of basic protections can open the door to a relatively straightforward ransomware or cryptojacking attack that could have serious consequences for the bottom line."

 

To better understand the attacks targeting ICS environments, Trend Micro Research created a highly realistic, industrial prototyping company. The honeypot consisted of real ICS hardware and a mix of physical hosts and virtual machines to run the factory, which included several programmable logic controllers (PLCs), human machine interfaces (HMIs), separate robotic and engineering workstations and a file server.

 

Trend Micro urges smart factory owners to minimize the number of ports they leave open and to tighten access control policies, among other cybersecurity best practices. In addition, implementing cybersecurity solutions designed for factories, like those offered by Trend Micro, can help further mitigate the risk of attack.

 

To read more about the research, including the design and deployment of the honeypot itself, please visit: https://www.trendmicro.com/vinfo/hk/security/news/internet-of-things/fake-company-real-threats-logs-from-a-smart-factory-honeypot.


About Trend Micro

Trend MicroIncorporated, a global leader in cybersecurity solutions, helps to make theworld safe for exchanging digital information. Our innovative solutions forconsumers, businesses, and governments provide layered security for datacenters, cloud environments, networks, and endpoints. All our products worktogether to seamlessly share threat intelligence and provide a connected threatdefense with centralized visibility and control, enabling better, fasterprotection. With more than 6,000 employees in over 50 countries and the world'smost advanced global threat intelligence, Trend Micro secures your connectedworld. For more information, visitwww.trendmicro.com.hk.

E-paper