Skip to content
SPECIAL

THREATS TO CRITICAL INFRASTRUCTURE IN IRAN CONFLICT

READ MORE

Up to 25% of internet-exposed ICS are honeypots: researchers

(Maniturm / Pixabay)

By Eduard Kovacs

An analysis conducted by researchers at the Norwegian University of Science and Technology Gjøvik and the Delft University of Technology in the Netherlands showed that a significant percentage of the industrial control system (ICS) instances detected by internet scans are actually honeypots.

The researchers used the Censys search engine to identify internet-exposed ICS. They targeted 17 widely used industrial control protocols and discovered roughly 150,000 devices across 175 countries.  

The researchers then applied various criteria to determine how many of those ICS instances were real and how many were likely or possibly honeypots, decoy systems designed to attract threat actors in an effort to obtain valuable information on attacker tactics, techniques, and procedures (TTPs).

Read more at SecurityWeek

Click to listen highlighted text!