The US Department of Homeland Security has warned organisations running industrial control systems that an unnamed utility service was recently compromised.
The Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) said it worked with the company and determined its systems were vulnerable and detected “previous intrusion activity”.
Hacking of the company’s systems would have been fairly trivial, the ICS-CERT report covering the incident indicated.
“A public utility was recently compromised when a sophisticated threat actor gained unauthorized access to its control system network,” read the report from the ICS-CERT.
“After notification of the incident, ICS-CERT validated that the software used to administer the control system assets was accessible via Internet facing hosts. The systems were configured with a remote access capability, utilising a simple password mechanism; however, the authentication method was susceptible to compromise via standard brute forcing techniques.”
The government security body also said it had uncovered a breach of “an unprotected, Internet-connected, control system operating a mechanical device”. The hacker had breached the security of a supervisory control and data acquisition (SCADA) protocol, which are often weak.
Worryingly, the device was not protected by a firewall or authentication access controls. “This incident highlights the need for perimeter security and monitoring capabilities to prevent adversaries from discovering vulnerable ICSs and using them as targets of opportunity,” ICS-CERT added.
Many are worried about the poor protection surrounding critical infrastructure, especially as SCADA systems have repeatedly been shown up as vulnerable.
ICS-CERT urged users to take advantage of tools available to them to shore up their control system networks.
“ICS-CERT strongly encourages taking immediate defensive action to secure ICSs by using defense-in-depth principles. Audit your networks for Internet facing devices, weak authentication methods, and component vulnerabilities.
“Understand the usage of tools, such as SHODAN and Google, and leverage those platforms to enhance awareness of the Internet accessible devices that might exist within your infrastructure.”
How well do you know network security? Try our quiz and find out!
Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…
Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…
Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…
Welcome to Silicon In Focus Podcast: Tech in 2025! Join Steven Webb, UK Chief Technology…
European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…
San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…