Cybereason’s New Honeypot Project Traps Hackers Attempting to Infiltrate Industrial Control Systems of Major Electricity Provider

Share Article

Cybereason created a honeypot to bait hackers looking to infiltrate the industrial control systems of energy providers. The research results highlight the fact that non nation state actors are also interested in infiltrating these networks.

Cybereason, creators of the leading cybersecurity AI Hunting Platform, unveiled results of its newest honeypot project looking at intrusion attempts against industrial control systems (ICS) environments in the energy sector.

Titled ‘ICS Threat Broadens: Nation-State Hackers Are No Longer The Only Game In Town,’ Cybereason’s report is first-of-its-kind research looking at the tactics, techniques and procedures used by a broadening group of threat actors to infiltrate energy companies. The findings revealed that the energy sector is now an attractive market for less skilled hackers, and we cannot assume nation-state attackers from countries such as China, Russia, North Korea and Iran are exclusively behind ICS attacks.

“Unlike other attackers who buy and sell access to compromised networks, the adversaries who purchased access to the ICS honeypot showed no interest in partaking in more generic and less targeted activity like running botnets for cryptomining, spamming and launching DDoS attacks,” said Israel Barak, Cybereason’s CISO.

Cybereason’s research comes on the heels of a recent report that Russian hackers have gained access to control rooms at power plants across the United States. In addition, the Department of Energy has scheduled a tabletop exercise this fall to test the readiness of the power grid to bounce back from a blackout caused by hackers.

“The biggest lesson learned from the honeypot is that multiple tiers of attackers find ICS environments interesting. That’s increasing risk for people who operate those types of systems. The security basics are really what’s going to prevent a bad day from becoming a catastrophic day,” said Ross Rustici, senior director, intelligence services, Cybereason.

Cybereason successfully launched another honeypot earlier this year targeting the financial services industry. Dubbed ‘Operation Honeypot,’ researchers learned that cyber criminals are using automated bots to support crimes such as spam campaigns, data mining and multi-purpose breaches that lay the foundation for human attackers to extract data and intellectual property.

About Cybereason
Cybereason, creators of the leading cybersecurity data analytics platform, gives the advantage back to the defender through a completely new approach to cybersecurity. Cybereason offers endpoint detection and response (EDR), next-generation antivirus (NGAV), and active monitoring services, all powered by its proprietary data analytics platform. The Cybereason suite of products provides unmatched visibility, increases analyst efficiency and effectiveness, and reduces security risk. Cybereason is privately held, having raised $189 million from top-tier VCs, and is headquartered in Boston, with offices in London, Tel Aviv and Tokyo.

Learn more:
Follow us: Blog | Twitter | Facebook

Media Contact
Bill Keeler
Director, Public Relations
(929) 259-3261

Share article on social media or email:

View article via:

Pdf Print

Contact Author

Bill Keeler
+1 929 259-3261
Email >