Who is attacking industrial control systems?
Posted on 18 March 2013.
Since the discovery of Stuxnet, industrial control systems (ICS) and supervisory control and data acquisition (SCADA) networks have received a fair share of attention from researchers and attackers alike.

Introduced decades ago when security was not that great a concern and when most of them weren't connected to the Internet or to a LAN, these systems are now getting bolt-on security. Realistically, problems related to this are only starting.

If you don't believe that these systems make such great targets, consider the results of a recent report by a Trend Micro researcher who set up honeypot architecture emulating a number of of SCADA and ICS devices and featuring typical vulnerabilities found on similar systems.

Accessible from the Internet through simple Google searches (as many of these systems are), his honeypots were targeted both by automated and targeted attacks, and it took only 18 hours for the first one to be detected.

"Out of these 39 attacks, 12 were unique and could be classified as 'targeted' while 13 were repeated by several of the same actors over a period of several days and could be considered 'targeted' and/or 'automated.' All of these attacks were prefaced by port scans performed by the same IP address or an IP address in the same /27 netblock," says Threat Researcher Kyle Wilhoit.

Unsurprisingly, 35 percent of these attacks originated in China, and 19 percent in the United States. All other "players" didn't surpass the one digit limit, except for a unexpected "third place" occupied by hits from Laos:

Wilhoit also made a list of different types of attacks that were attempted (including spearphishing a site administrator) and covered good advice for preventing them. He also included a lot of details concerning the setup of such honeypots.


How to talk infosec with kids

Posted on 17 September 2014.  |  It's never too early to talk infosec with kids: you simply need the right story. In fact, as cyber professionals itís our duty to teach ALL the kids in our life about technology. If we are to make an impact, we must remember that children needed to be taught about technology on their terms.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.


Fri, Sep 19th