Episode 226 – Faking a Factory: Creating and Operating a Realistic Honeypot – BlackHat Asia 2020 takeaway

Jane Lo, Singapore Correspondent for MySecurity Media speaks with Charles Perine, a Senior Threat Researcher for Trend Micro.

In this podcast, Charles provides insights into his joint work with Stephen Hilt, Federico Maggi, Lord Remorin, Martin Rösler, Rainer Vosseler on conceptualising and running a manufacturing facility honey pot. To determine how knowledgeable and imaginative attackers could be in compromising a manufacturing facility, they built an ideal environment to monitor and learn about the attackers attracted to the honeypot.  He discussed the attacks observed, which included a malicious cryptocurrency mining campaign, two ransomware attacks, another that posed as a ransomware attack, and several scanners.

Charles has 15 years of experience in computer and network security. Much of his focus during that time has been dedicated to ICS security, including research projects at Sandia National Laboratories (OPSAID) and Digital Bond (Portaledge), and work on securing ICS environments for customers while working for Revolutionary Security and Lockheed Martin. Previously, he had also tested internal products and helped create the Product Security Incident Response Team (PSIRT) process while working for General Electric. Charles enjoys breaking hardware and software.

He had also presented on other TrendMicro research “Lost in Translation: When Industrial Protocol Translation Goes Wrong”, at CRITIS: Critical Information Infrastructures Security 2020.

Recorded in association with MySecurity Media as media partners to BlackHat Asia 2020, 29 Sept – 2 October 2020.