Building a Fake Solar Plant for Cybersecurity Research, Part 3

An exposed energy-themed honeypot was discovered in under an hour and faced brute force, web scanning, and Modbus reconnaissance with zero write or control attempts. Defenses include keeping OT protocols off the public internet, blocking egress by default, removing default credentials, and segmenting IT from OT.