Decoy ICS/SCADA Water Utility Networks Hit By Attacks

[InfoSec News <alerts () infosecnews org>]

http://www.darkreading.com/advanced-threats/167901091/security/application-security/240151010/decoy-ics-scada-water-utility-networks-hit-by-attacks.html

By Kelly Jackson Higgins
Dark Reading
March 18, 2013

It took only a few hours before attackers started to hammer away at two decoy 
water utility networks stood up in a recent experiment that resulted in 39 
attacks from 14 different nations over a 28-day period.

Researchers at Trend Micro built two honeypot-based architectures that mimic a 
typical ICS/SCADA environment, including one that included a Web-based 
application for a water pressure station. The goal was to determine what kinds 
of attacks and attackers are going after ICS/SCADA systems today, and the 
researchers were a bit surprised by some of what they saw.

Kyle Wilhoit, a researcher with Trend Micro who led the experiment, found that 
most attacks on ICS/SCADA systems appeared to come from China (35 percent), 
followed by the U.S. (19 percent) and Laos (12 percent).

"I had initially anticipated normal drive-by, automated attacks, not really any 
type of attack going in and trying to modify these systems. But it obviously 
went much differently," he says. "We got attacked quite a bit more and in 
different ways than we anticipated."

[...]


______________________________________________
Attend #HITB2013AMS April 8th - 11th in Amsterdam.
Featuring over 42 international speakers and keynotes
by Bob Lord and Edward Schwartz http://conference.hitb.org