
US Government Says Utility System Hacked

The US Department of Homeland Security has warned organisations running industrial control systems that an unnamed utility service was recently compromised.

The Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) said it worked with the company, determined that its systems were vulnerable, and detected “previous intrusion activity”.

Hacking of the company’s systems would have been fairly trivial, the ICS-CERT report covering the incident indicated.

Easy hacking of utility systems

“A public utility was recently compromised when a sophisticated threat actor gained unauthorized access to its control system network,” read the report from the ICS-CERT.

“After notification of the incident, ICS-CERT validated that the software used to administer the control system assets was accessible via Internet facing hosts. The systems were configured with a remote access capability, utilising a simple password mechanism; however, the authentication method was susceptible to compromise via standard brute forcing techniques.”

The government security body also said it had uncovered a breach of “an unprotected, Internet-connected, control system operating a mechanical device”. The hacker had breached the security of a supervisory control and data acquisition (SCADA) protocol; such protocols are often weak.

Worryingly, the device was not protected by a firewall or authentication access controls. “This incident highlights the need for perimeter security and monitoring capabilities to prevent adversaries from discovering vulnerable ICSs and using them as targets of opportunity,” ICS-CERT added.

Many are worried about the poor protection surrounding critical infrastructure, especially as SCADA systems have repeatedly been shown to be vulnerable.

ICS-CERT urged users to take advantage of tools available to them to shore up their control system networks.

“ICS-CERT strongly encourages taking immediate defensive action to secure ICSs by using defense-in-depth principles. Audit your networks for Internet facing devices, weak authentication methods, and component vulnerabilities.

“Understand the usage of tools, such as SHODAN and Google, and leverage those platforms to enhance awareness of the Internet accessible devices that might exist within your infrastructure.”


Thomas Brewster

Tom Brewster is TechWeek Europe's Security Correspondent. He has also been named BT Information Security Journalist of the Year in 2012 and 2013.
