There have been many reports of the Chinese and others attacking our critical infrastructure. Last year, Kyle Wilhoit from Trend Micro developed a control system honeypot representing a small water utility in rural Missouri and then identified the attackers some of whom were from China. Bob Radvanovsky from Infracritical took a similar approach and the results are astounding. He acquired some Ruggedom switches from E-Bay and set up a network emulating a well pumping station. Within 2 hours of connecting the systems, he was being attacked primarily from China. This is even more interesting when you realize when the attack started, the honeypot was not seen on Shodan. This shows the level of monitoring going on in China. Bob will be discussing these results Tuesday at the ICS Cyber Security Conference -www.icscybersecurityconference.com.
Joe Weiss
