September 25, 2024 at 12:27PM
CISA warns of threat actors targeting critical infrastructure networks through unsophisticated methods such as brute force attacks and default credentials on Internet-exposed industrial devices. Ongoing attacks are impacting water and wastewater systems. CISA advises applying security measures to defend against malicious activity, following previous warnings of pro-Russian hacktivists targeting water facilities.
Based on the meeting notes, the key takeaways are as follows:
– CISA has warned of ongoing threats to critical infrastructure networks, specifically targeting Internet-exposed industrial devices using “unsophisticated” methods like brute force attacks and default credentials.
– The attacks are impacting water and wastewater systems and are continuing to target operational technology (OT) and industrial control systems (ICS) devices.
– Various measures have been advised for defending against these attacks, including changing default passwords, enabling multifactor authentication, placing human-machine interfaces (HMIs) behind firewalls, hardening VNC installs, and applying the latest security updates to the overall security posture of IT environments.
– There have been specific incidents reported, such as the cyberattack on Arkansas City, Kansas, which forced its water treatment facility to switch to manual operations, and the U.S. Environmental Protection Agency’s (EPA) issuance of guidance to help water and wastewater system (WWS) owners and operators evaluate their cybersecurity practices.
Overall, the meeting notes highlight the concerning trend of cyber threats targeting critical infrastructure and the importance of proactive measures to enhance cybersecurity in the water and wastewater sector.