Published in News

Trend Micro set up a fake IT factory

by on24 January 2020

Wanted to study attackers

Trend Micro created a fake tech company, complete with AI-generated photos of fake employees, in order to build a honeypot environment that looked like an actual, working tech factory environment.

According to ZDNet, the move was designed to better understand the latest threats to IT systems, antivirus and security.

Malicious hackers are targeting factories and industrial environments with a wide variety of malware and cyberattacks including ransomware, cryptocurrency miners -- and in some cases they're actively looking to shut down or disrupt systems,.

Trend Micro built a honeypot that mimicked the environment of a real factory. The fake factory featured some common cybersecurity vulnerabilities to make it appealing for hackers to discover and target.

  "To help make the honeypot as convincing as possible, researchers linked the desktops, networks and servers to a false company they called MeTech and created a website detailing how the manufacturer served clients in high-tech sectors including defense and aerospace -- popular targets for hacking."

The website even featured images and bios of people who supposedly worked for the false brand, with headshots generated by artificial intelligence in an effort to make the honeypot look as much like a legitimate company as possible.

Trend Micro even leaked details of system vulnerabilities in things like Virtual Network Computing (VNC) access to further lure criminals in. The fake company was attacked by everyone from ransomware actors to cryptocurrency miners, to hackers that did "recon" to look for possible industrial espionage data.

Greg Young, vice president of cybersecurity for Trend Micro, said the research indicated that industrial companies are primarily vulnerable to bog standard cyber-threats.

He said: "Too often, discussion of cyber threats to ICS has been confined to highly sophisticated, nation-state level attacks designed to sabotage key processes. While these do present a risk to Industry 4.0, our research proves that more commonplace threats are more likely."

Young warned owners of small smart factories against the dangers of thinking that their company's size makes them somehow immune to the threat of cyber-attack.

He said: "Owners of smaller factories and industrial plants should not assume that criminals will leave them alone. A lack of basic protections can open the door to a relatively straightforward ransomware or cryptojacking attack that could have serious consequences for the bottom line."

Last modified on 24 January 2020
Rate this item
(0 votes)

Read more about: