Security experts at German IT fair bait hackers with Honey Train
Security experts try to get inside minds of would-be internet saboteurs
Somewhere on Earth, a computer hacker types a malicious command and hits enter. Half a world away, an urban commuter train speeds out of control, derails and crashes into a building.
Happily the kind of scenario that makes for Hollywood blockbusters and keeps public security officials awake at night would, in this case, only damage a model train set at a German information technology fair.
Internet security experts have set up 'Project Honey Train' with an online railway control system as bait, hoping to "get inside the heads of cybercriminals" - but without the real-life casualties.
"The goal is to provide an environment where we can study how people may try to attack public infrastructure projects where they could put public safety at risk," said Chester Wisniewski, of British security company Sophos.
"I suspect this is a pretty good copy of some of the worst of public security that we see in real life ... systems that were designed in a simpler time when people weren't trying to attack them, which is what makes them vulnerable."
Their miniature rail system at the CeBIT IT business fair in Hanover is built on a scale of 1:87 and set in a fictitious German city, with street names chosen from the board game Monopoly.
To an online attacker it's all meant to look real, with original software components and inbuilt flaws which are advertised in known hackers' chat rooms.