Category: ICS


Conpot – An Open Industrial Control Honeypot

Conpot is an ICS honeypot with the goal to collect intelligence about the motives and methods of adversaries targeting industrial control systemsDocumentationThe build of the documentations source can be found here. There you will also find the instructions on how to install conpot and the FAQ.Easy install using DockerVia a pre-built imageInstall DockerRun docker pull honeynet/conpotRun docker run -it -p 80:80 -p 102:102 -p 502:502 -p 161:161/udp --network=bridge honeynet/conpot:latest /bin/shFinally run conpot -f --template defaultNavigate to to confirm the setup.Build docker image from…

Security FeedsIndustrial threatsICSindustrial softwareSecurity Policies

OPC UA security analysis

This paper discusses our project that involved searching for vulnerabilities in implementations of the OPC UA protocol. In publishing this material, we hope to draw the attention of vendors that develop software for industrial automation systems and the industrial internet of things to problems associated with using such widely available technologies, which turned out to be quite common. We hope that this article will help software vendors achieve a higher level of protection from modern cyberattacks. We also discuss some of our techniques and…

Security FeedsIndustrial threatsCyberespionageICSIndustrial control systemsindustrial softwareIoTMalware StatisticsSecurity PoliciesSpearphishing

Threat Landscape for Industrial Automation Systems in H2 2017

For many years, Kaspersky Lab experts have been uncovering and researching cyberthreats that target a variety of information systems – those of commercial and government organizations, banks, telecoms operators, industrial enterprises, and individual users. In this report, Kaspersky Lab Industrial Control Systems Cyber Emergency Response Team (Kaspersky Lab ICS CERT) publishes the findings of its research on the threat landscape for industrial automation systems conducted during the second half of 2017. The main objective of these publications is to provide information support to global…