Hacking Group Linked to Chinese Army Caught Attacking Dummy Water Plant

Submitted by holy_calamity
holy_calamity (872269) writes "MIT Technology Review reports that APT1, the China-based hacking group said to steal data from U.S. companies, has been caught taking over a decoy water plant control system. The honeypot mimicked the remote access control panels and physical control system of a U.S. municipal water plant. The decoy was one of 12 set up in 8 countries around the world, which together attracted more than 70 attacks, 10 of which completely compromised the control system. China and Russia were the leading sources of the attacks. The researcher behind the study says his results provide the first clear evidence that people actively seek to exploit the many security problems of industrial systems."


  • ... is hooking up your industrial systems to the internet!

    i dont see how this is seen as an acceptable practice.

    • While true, Stuxnet showed us that even airgapped systems are not invulnerable. Add to that that resource facility workers are not trained or paid like military contractors, and you can totally scrap the "acceptable practice" concept. Then, once you introduce private contractors whose only motive is profit... well, at that point you don't even really need to compromise the systems; you've likely already got someone on the inside.

