How much should US worry for being the biggest source of cyber-attackers in the world?
The fake control systems were made to look like they were located in the U.S., the U.K., Amsterdam, Brazil, Tokyo and Singapore. We wanted a variety of locations to show that systems everywhere are under attack. Over a three-month period ending last week, the U.S. was by far the biggest source of attack traffic (more than 6,000 attacks), followed by China (more than 3,500), Russia (more than 2,500), the Netherlands and France.
Industrial networks are already under daily assault by hackers, and that threat is only growing as more countries develop advanced cyber-war capabilities. Few have been as thoroughly revealed to the public as the United States' through the disclosures of former National Security Agency contractor Edward Snowden.
Martin and I decided on setting up an online decoy known as a honeypot, which was made to look like an enticing industrial-control computer to hackers. It's designed to attract attacks so they can be traced and studied.
The graphic below shows which countries were the apparent source of the majority of attacks.
Earlier this year, I was brainstorming with Greg Martin, the founder and chief technical officer of ThreatStream, a Google Ventures-backed security startup, about finding a way to show the global nature of attacks against industrial-control systems used in electrical grids, water systems and manufacturing plants. For obvious reasons, attacks against critical infrastructure are among the biggest concerns in cyber-security.