The US Department of Homeland Security has warned organisations running industrial control systems that an unnamed utility service was recently compromised.
The Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) said it worked with the company and determined its systems were vulnerable and detected “previous intrusion activity”.
Hacking of the company’s systems would have been fairly trivial, the ICS-CERT report covering the incident indicated.
“A public utility was recently compromised when a sophisticated threat actor gained unauthorized access to its control system network,” read the report from the ICS-CERT.
“After notification of the incident, ICS-CERT validated that the software used to administer the control system assets was accessible via Internet facing hosts. The systems were configured with a remote access capability, utilising a simple password mechanism; however, the authentication method was susceptible to compromise via standard brute forcing techniques.”
The government security body also said it had uncovered a breach of “an unprotected, Internet-connected, control system operating a mechanical device”. The hacker had breached the security of a supervisory control and data acquisition (SCADA) protocol; such protocols are often weak.
Worryingly, the device was not protected by a firewall or authentication access controls. “This incident highlights the need for perimeter security and monitoring capabilities to prevent adversaries from discovering vulnerable ICSs and using them as targets of opportunity,” ICS-CERT added.
Many are worried about the poor protection surrounding critical infrastructure, especially as SCADA systems have repeatedly been shown up as vulnerable.
ICS-CERT urged users to take advantage of tools available to them to shore up their control system networks.
“ICS-CERT strongly encourages taking immediate defensive action to secure ICSs by using defense-in-depth principles. Audit your networks for Internet facing devices, weak authentication methods, and component vulnerabilities.
“Understand the usage of tools, such as SHODAN and Google, and leverage those platforms to enhance awareness of the Internet accessible devices that might exist within your infrastructure.”