The big takeaway from this research is that attacks against Internet-facing ICSs are occurring and some of them appear to be targeted, Wilhoit said. Many ICS engineers are likely not aware that this is happening, he said.
The researcher hopes the tools he released will help ICS owners build and deploy their own honeypots in order to see who's targeting them and why and what changes they need to make to protect their real systems.
The ICS world needs more security information sharing, Wilhoit said. Researchers and IT professionals are sharing good information in other fields of IT security and same thing needs to happen for ICS, especially in those areas that could be considered critical infrastructure, he said.
Sign up for Computerworld eNewsletters.