Friend
Professional
- Messages
- 2,653
- Reaction score
- 850
- Points
- 113
CISA warns that hackers are testing the strength of water infrastructure.
CISA reported attacks on critical infrastructure networks, including water supply and wastewater treatment systems. Attackers try to hack Internet-connected OT and ICS devices using brute-force attacks and default credentials.
OT (Operational Technology) devices are hardware and software used to control and monitor physical processes in manufacturing, critical infrastructure, and other industries. For example, in water supply systems, such devices are responsible for monitoring water treatment, distributing and regulating pressure, which ensures a stable and safe water supply.
CISA stressed that the attacks are already affecting OT and ICS devices in the water and wastewater sector. To protect against attacks, CISA recommends that operators of OT and ICS devices in critical sectors implement security measures such as changing default passwords, implementing multi-factor authentication, isolating human-machine interfaces (HMIs) behind firewalls, hardening VNCs, and regularly updating security systems.
Recently, the head of CISA, Jen Easterly, said that software developers who release products with vulnerabilities are the real culprits of all cyberattacks. Easterly called on tech companies to stop releasing code with defects that pave the way for cybercriminals. She stressed that it is technology providers who create problems that attackers successfully use to attack their victims.
It also recently became known that US water systems have become a target for cyber attacks by hackers from China and Iran. This is a growing concern for the authorities. Iran most often acts through hacktivists rather than through state structures. For example, the Sandworm group, according to some reports, was involved in attacks on water bodies in the United States and Europe, one of which even led to the overflow of a tank. At the same time, China has been accused of cyberattacks on critical infrastructure, including water systems, through the Volt Typhoon group.
Source
CISA reported attacks on critical infrastructure networks, including water supply and wastewater treatment systems. Attackers try to hack Internet-connected OT and ICS devices using brute-force attacks and default credentials.
OT (Operational Technology) devices are hardware and software used to control and monitor physical processes in manufacturing, critical infrastructure, and other industries. For example, in water supply systems, such devices are responsible for monitoring water treatment, distributing and regulating pressure, which ensures a stable and safe water supply.
CISA stressed that the attacks are already affecting OT and ICS devices in the water and wastewater sector. To protect against attacks, CISA recommends that operators of OT and ICS devices in critical sectors implement security measures such as changing default passwords, implementing multi-factor authentication, isolating human-machine interfaces (HMIs) behind firewalls, hardening VNCs, and regularly updating security systems.
Recently, the head of CISA, Jen Easterly, said that software developers who release products with vulnerabilities are the real culprits of all cyberattacks. Easterly called on tech companies to stop releasing code with defects that pave the way for cybercriminals. She stressed that it is technology providers who create problems that attackers successfully use to attack their victims.
It also recently became known that US water systems have become a target for cyber attacks by hackers from China and Iran. This is a growing concern for the authorities. Iran most often acts through hacktivists rather than through state structures. For example, the Sandworm group, according to some reports, was involved in attacks on water bodies in the United States and Europe, one of which even led to the overflow of a tank. At the same time, China has been accused of cyberattacks on critical infrastructure, including water systems, through the Volt Typhoon group.
Source
