A public utility in the U.S. was compromised after attackers took advantage of a weak password security system, according to a U.S. Department of Homeland Security team that studies cyberattacks against critical infrastructure.The utility, which was not identified, was vulnerable to a brute-force attack, where hackers try different combinations of passwords until the right one is found.
An investigation showed the utility was attacked before.
“It was determined that the systems were likely exposed to numerous security threats, and previous intrusion activity was also identified,” ICS-CERT wrote in the report.
The U.S. government has long warned that critical infrastructure such as power and water plants are at risk of cyberattack, as many of their IT systems have not been rigorously audited for vulnerabilities and configuration mistakes.
No comments:
Post a Comment