Two separate ransomware attacks illegitimately installed software that was used for consumer fraud.
Trend Micro, the multinational cybersecurity firm, announced today the results of a six-month long investigation into how hackers target unsecured industrial factories. The Tokyo-headquartered company created a honeypot that imitates a factory operating in an unsecured industrial environment. The experiment found that its sophisticated Operational Technology (OT) honeypot attracted financially motivated exploits.
Some of the common threats that its mock industrial environment was subjected to, include cryptocurrency mining and remote access. Two separate ransomware attacks illegitimately installed software that was used for consumer fraud.
“Too often, discussion of cyber threats to industrial control systems (ICS) has been confined to highly sophisticated, nation-state level attacks designed to sabotage key processes. While these do present a risk to Industry 4.0, our research proves that more commonplace threats are more likely,” said Greg Young, vice president of cybersecurity for Trend Micro.
The honeypot went live on May 6 and the human interface machines (HMIs) were exposed online without control access. To create the prototype of a realistic, industrial company, the same password was used for several workstations.
A mix of virtual machines and physical hosts was used to run the factory. This included programmable logic controllers (PLCs) and human machine interfaces (HMIs). Separate engineering and robotic workstations were employed, which were mapped to a file server. As the number of attacks went up, some of the threat actors became repeat offenders. A couple of months after going live, an attacker downloaded a cryptocurrency miner, which was later used to relaunch the miner and use the host’s hardware to mine cryptocurrency. Some of the other consequences from attacks included reconnaissance by malicious actors, which at times, caused system shutdowns.
ADVERTISEMENT
“More hackers appeared on our system. One of the most notable was behind a Crysis ransomware infection on Sept. 22. We watched as this threat actor downloaded the ransomware through TeamViewer and continued with their routine, up to the point they left the ransom note. We even interacted and haggled with the threat actor through an exchange of emails,” said the official report.
As the number of attacks went up, some of the threat actors became repeat offenders. On October 16, 2020, a security breach led to a robotic workstation sending out a beacon as a part of its lateral movement. A second ransomware attack on October 21 used a Phobos variant of the earlier attack.
Some hackers were more benevolent. On November 1, an attacker left a well-intentioned note advising the admin to put a password on their systems. “On Nov. 12, we saw an interesting attack that disguised itself as a ransomware campaign, when in fact the threat actor behind it had simply renamed our files. Two days later, on Nov. 14, this threat actor came back to the system to delete files and leave open tabs of a porn site on our desktop,” the report said.
“Owners of smaller factories and industrial plants should therefore not assume that criminals will leave them alone. A lack of basic protections can open the door to a relatively straightforward ransomware or cryptojacking attack that could have serious consequences for the bottom line,” said Greg Young, Trend Micro’s VP of cybersecurity.
ADVERTISEMENT
The company urges smart factory owners to reduce the number of ports left open to external connections, and to enforce cybersecurity best practices like changing access control policies. While it is difficult to completely mitigate attacks, the researchers argue that investing in basic cybersecurity products could prove to be a major deterrent.
Security, Messenger, Artwork: Apps For Parents To Stay Connected With Their Kids
1/7
When work takes the jet-setting father halfway around the globe, these applications make sure the little one never feels separated. (Text: Rajarshi Bhattacharjee)
When work takes the jet-setting father halfway around the globe, these applications make sure the little one never feels separated. (Text: Rajarshi Bhattacharjee)
App Store, Play Store, Amazon.com
It is a fun messaging app to connect with your kids when you are away. The app is independent of all social media sites and ensures that your child can safely communicate with you and other family members, as you validate all invitations received, and sent. Its fun features include photos, drawings, voice and text messages, personalised stickers and more. The app says all your children’s personal information is encrypted.
(Image: https://monster-messenger.com)
App Store, Play Store, Amazon.com
It is a fun messaging app to connect with your kids when you are away. The app is independent of all social media sites and ensures that your child can safely comm..
Read More
App Store, Play Store
Venturing on a secret adventure is going to be tough for your kid when you install this app on his /her phone. No matter which part of the globe work has taken you to, this app will give you exact realtime location of your little one. You can also set alerts when your child or family members arrive at or leave destinations, and plan your next family gathering.
(Image: www.life360.com)
App Store, Play Store
Venturing on a secret adventure is going to be tough for your kid when you install this app on his /her phone. No matter which part of the globe work has taken you to, this ap..
Read More
Play Store
With the ability to control the internet activity of different mobile devices remotely, Net Nanny is a great tool for enforcing data usage. It is a custom mobile browser that becomes your child’s default browser. You can manage which apps your child can or cannot use on his mobile phone.
(Image: www.netnanny.com)
Play Store
With the ability to control the internet activity of different mobile devices remotely, Net Nanny is a great tool for enforcing data usage. It is a custom mobile browser that becomes you..
Read More
App, Play Store
When it’s time to be a strict parent, switch to MMGuardian. It has a dedicated messaging app that will allow you to control who your child can text. It will send you alerts based on keywords, and share reports with the entire conversation. It also lets you block incoming calls and specific applications on your child’s handset. Although it is slightly invasive, it is better to be safe than sorry.
(Image: www.mmguardian.com)
App, Play Store
When it’s time to be a strict parent, switch to MMGuardian. It has a dedicated messaging app that will allow you to control who your child can text. It will send you alerts based on ..
Read More
App Store, Play Store
Skype is a platform where you can connect with your kid with photos, videos, voice messages, emoticons, emojis, not to mention high quality videos. In fact, you can stay connected with all your family members using Microsoft’s Family feature. If you’re using Microsoft Family, Skype will add all of your family members to your contact list.
(Image: https://play.google.com)
App Store, Play Store
Skype is a platform where you can connect with your kid with photos, videos, voice messages, emoticons, emojis, not to mention high quality videos. In fact, you can stay connec..
Read More
App Store, Play Store
If you are a parent of a pint-sized Picasso, this app will encourage you to photograph, save and share your child’s artwork with the phone. If you feel guilty over trashing your junior’s creations, this can assuage those feelings by turning them into lasting digital memories. The artwork can also be printed through the app, thus giving you ‘new and exciting ways’ to interact with your child
(Image: www.canvsly.com)
App Store, Play Store
If you are a parent of a pint-sized Picasso, this app will encourage you to photograph, save and share your child’s artwork with the phone. If you feel guilty over trashing yo..
