Expert Reaction On Honeypot Shows Multistage Ransomware should Have Critical Infrastructure Providers On High Alert

Earlier this year, Cybereason launched its latest honeypot to analyze the tactics, techniques, and procedures used by state-sponsored groups and cyber crime actors to target critical infrastructure providers. This honeypot was a follow up to a previous successful honeypot launched two years ago in 2018 looking at the same industry. The honeypot was built to look like an electricity company with operations in North America and Europe. In this new research, the Cybereason team identified multiple attackers executing ransomware operations involving data theft, the stealing of user credentials, and lateral movement across the victims network to compromise as many endpoints as possible. This includes critical assets like the domain controllers, which could take  between several minutes to several hours to properly infiltrate.

Subscribe
Notify of
guest
1 Expert Comment
Newest
Oldest Most Voted
Inline Feedbacks
View all comments
Paul Bischoff
Paul Bischoff , Privacy Advocate
InfoSec Expert
June 12, 2020 2:20 pm

The honeypot is a clear example of why governments must invest heavily in cybersecurity for critical infrastructure. Such attacks have been a worrying trend for several years. President Obama recognised the problem and signed an executive order to enhance critical infrastructure security in 2013. Infrastructure is high on the target list of nation-state actors because a successful attack could cripple a very large area and affect thousands or even millions of people. Major utilities like water, energy, communication, and transportation are all under threat of cyber attacks. Defending against these attacks requires high standards of both operational, physical, and information security.

Last edited 2 years ago by Paul Bischoff
1
0
Would love your thoughts, please comment.x
()
x