Earlier this year, Cybereason launched its latest honeypot to analyze the tactics, techniques, and procedures used by state-sponsored groups and cyber crime actors to target critical infrastructure providers. This honeypot was a follow up to a previous successful honeypot launched two years ago in 2018 looking at the same industry. The honeypot was built to look like an electricity company with operations in North America and Europe. In this new research, the Cybereason team identified multiple attackers executing ransomware operations involving data theft, the stealing of user credentials, and lateral movement across the victims network to compromise as many endpoints as possible. This includes critical assets like the domain controllers, which could take between several minutes to several hours to properly infiltrate.
Experts Comments
Be part of our growing Information Security Expert Community (1000+), please register here.
Linkedin Message
@Paul Bischoff, Privacy Advocate, provides expert commentary at @Information Security Buzz.
"President Obama recognised the problem and signed an executive order to enhance critical infrastructure security in 2013...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/exoert-reaction-on-honeypot-shows-multistage-ransomware-should-have-critical-infrastructure-providers-on-high-alert
Facebook Message
@Paul Bischoff, Privacy Advocate, provides expert commentary at @Information Security Buzz.
"President Obama recognised the problem and signed an executive order to enhance critical infrastructure security in 2013...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/exoert-reaction-on-honeypot-shows-multistage-ransomware-should-have-critical-infrastructure-providers-on-high-alert