TrendMicro HoneypotA recent research paper about an ICS honeypot is great in several ways:

  1. It shows how easy it is to set up a fake company. These ‘companies’ can then be used for fraud and phishing (terminal spoofing for example) but also for malware distribution.
  2. You learn which vulnerabilities attract attackers.
  3. It describes perfectly how hackers exploit an exposed OT network.
  4. The impact of a hack becomes clear. Your OT network becomes compromised causing discontinuation of business.

The researchers make use of common design errors and configuration mistakes (vulnerabilities). The OT network design is incorrect leaving your critical network connected to the internet. If you allow remote access then make sure that the appropriate security controls are taken and that they are effective. Information like P&ID’s and network topologies are business confidential and must therefore not be shared through fileshares like Dropbox or sent to generic mailboxes. Information like this is gold in the hands of adversaries.

Contact us, we will be happy to explain how we can protect your IACS.

Read more about the research on the researchers website

Emerson presentatie Had a great day with colleagues from CR-Team and KH-Engineering at Emerson’s innovation day “Industry 4.0 in action”. They showcased some great developments and clearly develop their products with security in mind.

So, all good? Well between acquisition and actual implementation an awful lot can go wrong…

Make sure that shortcuts in architectural design and configuration and setup flaws don’t ruin your operations. We will be happy to advice about ISA99/IEC 62443, purdue and secure architecture principles. With our passive OT scan we can detect and remediate any vulnerabilities before the project goes live.