Faking smart industry: A honeypot-driven approach for exploring cyber security threat landscape
Cognitive Radio Oriented Wireless Networks and Wireless Internet
School of Science
The digital evolution of Industry 4.0 enabled Operational Technology (OT) infrastructures to operate and remotely maintain cyber-physical systems bridging over IT infrastructures. It has also expanded new attack surfaces and steadily increased the number of malicious cyber incidents for the interconnected smart critical systems. Within Industrial Control System (ICS), Programmable Logic Controller (PLC) plays a crucial function to bridge between cyber and physical environments which made them the victim of sophisticated cyber-attacks that are designed to interrupt and damage their operations. Honeypots have been used as a key tool for aggregating real threat data e.g., malicious activities and payloads, to observe and determine different attack methods and strategies that can easily affect poorly secured cyber-physical systems. In this research, we deployed T-pot honeypot in Amazon Elastic Compute Cloud (AWS EC2) instance across six different regions to determine the current threat landscape as well as how knowledgeable and ingenious threat actors could be in compromising internet-facing Industrial Control System (ICS).