SC-26: HONEYPOTS
NOT SELECTED FOR INDUSTRIAL CONTROL SYSTEMS
The information system includes components specifically designed to be the target of malicious attacks for the purpose of detecting, deflecting, and analyzing such attacks.
SUPPLEMENTAL GUIDANCE
A honeypot is set up as a decoy to attract adversaries and to deflect their attacks away from the operational systems supporting organizational missions/business function. Depending upon the specific usage of the honeypot, consultation with the Office of the General Counsel before deployment may be needed.
RELATED CONTROLS: SC-26
CONTROL ENHANCEMENTS
SC-26 (1) HONEYPOTS | DETECTION OF MALICIOUS CODE
[Withdrawn: Incorporated into SC-35].
REFERENCES:
- NIST Special Publication 800-82 | GUIDE TO INDUSTRIAL CONTROL SYSTEMS (ICS) SECURITY