The 2017 WannaCry-fueled shutdown of a car facility and other high-profile infections make ransomware too big to ignore for the manufacturing sector. But while factory operators reckon with their security weaknesses, they sometimes lack information on how and why their networks attract the interest of digital thieves.
In search of those answers, researchers at cybersecurity company Trend Micro ran a simulated factory network for seven months that invited all sorts of digital miscreants into the fray. Different attackers used the mock network, or honeypot, to mine cryptocurrency and infected it with two strains of a ransomware known as CrySIS.