Network Security
Vulnerability Management
Privileged Access Management
Endpoint Security
Threat Hunting
Unified Endpoint Management
Email & Collaboration Security
Contents:
In their latest advisory, CISA warns about the dangers of threat actors trying to breach the networks of critical infrastructure by targeting Internet-exposed industrial devices using ‘unsophisticated’ methods such as brute force attacks and default credentials.
Details From the Advisory
The cybersecurity agency claims that water and wastewater systems are being impacted by these continuous attacks that are directed at critical infrastructure OT and ICS devices.
This advisory comes days after the cyberattack on the Arkansas City water plant in Kansas, which was forced to switch to manual operation after the attack occurred last Sunday.
OT devices help monitor and control physical processes in manufacturing, critical infrastructure, and other industries by integrating hardware and software. For example, they control pressure, distribution, and water treatment procedures at water treatment plants to provide a steady and secure supply of clean water.
Exposed and vulnerable OT/ICS systems may allow cyber threat actors to use default credentials, conduct brute force attacks, or use other unsophisticated methods to access these devices and cause harm.
CISA (Source)
The cybersecurity organization said that pro-Russian hacktivists were targeting water facilities, therefore it encouraged OT/ICS operators in vulnerable critical infrastructure sectors to take precautions against hostile behavior by implementing the strategies shared in a warning from May.
According to what CISA stated at the time, since 2022, they have been focusing on insecure and improperly configured OT devices in an effort to interfere with business operations or produce “nuisance effects” using assaults that are “mainly limited to unsophisticated techniques.”
Defenders can strengthen the overall security posture of their IT environments by hardening VNC installs, enabling multi-factor authentication, changing default passwords, hiding human-machine interfaces (HMIs) behind firewalls, and applying the most recent security patches.
If you liked this piece, you can find more on the blog. Follow us on LinkedIn, Twitter, Facebook, and YouTube for more cybersecurity news and topics.
Cristian is a Content Editor & Creator at Heimdal®, where he developed a deep understanding of the digital threat landscape. His style resonates with both technical and non-technical readers, proof being in his skill of communicating cybersecurity norms effectively, in an easy-to-understand manner.
