

Honeypots Lure Industrial Hackers Into the Open - relaunched
http://www.technologyreview.com/news/514216/honeypots-lure-industrial-hackers-into-the-open/

======
relaunched
There were a few things that I found disturbing, but in the wake of the whole
Chinese State-sponsored hacking agenda, the findings were definitely
suggestive, albeit with all the normal caveats of a small sample size.

"A total of 39 attacks were mounted on Wilhoit’s honeypots, some of which
involved modifying the settings of the physical system they appeared to
control. Attacks appeared to originate from computers in a variety of
countries, with 35 percent from China, 19 percent from the U.S., and 12
percent from Laos."

"The most striking attacks exploited bugs to change the settings of Wilhoit’s
imaginary industrial systems. “They were doing things that would change the
water pressure, or temperature, or stop the flow on the water pump,” says
Wilhoit."

"Because the attacks made use of techniques specific to industrial control
systems, Wilhoit believes they were carried out by people intent on finding
and messing with such systems."

The last of which, seems to be the most inflammatory. However, I'm unwilling
to make the leap for one reason. As is oftentimes the case and rightfully so,
they are sparse on details as to what the hack is and therefore, I can't
determine what level of skill is required to target industrial control systems
(though that's not my field anyway). Though I'd like to know more, b/c as
stated, these systems often have little to no security and are connected to
the web.

