I have been thinking about this article from Cyberscoop entitled Researchers set up a mock factory network — and watched the criminals rush in and its definitely a thinking article. While we mourne the loss of Basketball’s Legend, Kobe Bryant, criminals will stop at nothing to get their wares out there. According to Cyberscoop, the researchers did this as an experiment, and the criminals came calling, even though it wasn’t a real factory doing real work.
Here’s a section of this article.
“These are career ransomware actors that are doing these things,” Trend Micro senior threat researcher Stephen Hilt told CyberScoop, reflecting on how professionalized and sector-agnostic ransomware attacks have become.
In both cases, the attackers were able to lock up files on the network by breaching the faux factory’s robotics workstation, which was exposed to the internet. The researchers had very weak security controls in place to make a point: some small businesses, even those in critical infrastructure sectors, fail to do the basics.
There was also raw opportunism on display.
“They were going after [the honeypot] because it was a computer on the internet,” Hilt said. For the attackers, it was just another potential ransomware target, albeit one that purported to support critical manufacturing processes.
While this was a simulated test, and there are other links within this which is why I didn’t take from there, what can we learn? Wannacry was a true tale, and if you want to learn from it, simulated tests like this are crucial to this. I say: Go for it! Simulate another attack to see what you can learn. Its elsewhere, and not harming anyone, and the data may be of value.
Have you seen this article? Let me know what your thoughts are.
Discover more from Jared's Technology podcast network
Subscribe to get the latest posts sent to your email.