A public utility in the US was recently attacked by cyber criminals and its control system network was hacked, revealed the Department of Homeland Security.
A report released by Industrial Control Systems Cyber Emergency Response Team (ICS-CERT), a unit of the department, did not make the name of the utility public.
ICS-CERT said that the software used to administer the control system assets was accessible via Internet facing hosts.
"The systems were configured with a remote access capability, utilizing a simple password mechanism; however, the authentication method was susceptible to compromise via standard brute forcing techniques," the report said.
The team has analysed the network logs and found that the systems must have been attacked in the past as well.
The report said, "This incident highlights the need to evaluate security controls employed at the perimeter and ensure that potential intrusion vectors (ex: remote access) are configured with appropriate security controls, monitoring, and detection capabilities."
ICS-CERT received 181 vulnerability reports in 2013; 87% of them were prone to exploitation remotely while the remaining required local access.
Authentication flaws formed 33% of the vulnerabilities, followed by denial of service at 14%.
The team recommends users to minimize network exposure and configure ICSs behind firewalls to avoid attacks.
Qualys is the leading provider of on demand IT security risk and compliance solutions - delivered as a service. Qualys solutions enable...
Absolute® Software specialises in technology and services for the management and security of mobile computers and smartphones.