An unidentified attacker accessed the computer systems of a water treatment facility in the US, altering sodium hydroxide levels in the potable water supply. With attacks on critical infrastructure increasingly common, this incident should not come as a surprise. Basic cyber-security hygiene could have lessened the likelihood of accessing the systems, but the network of the facility was not adequately secured. Simple attack techniques took advantage of the plant’s security weaknesses, including poor passwords shared across the plant, and widespread use of end-of-life software. These problems are very likely present in other water treatment plants, as well as other critical facilities. This incident casts a spotlight on the need to appropriately secure critical infrastructure systems, which may be mistakenly thought of as well guarded.
Want To Try Our Digital Risk Protection Tool?
Get Started FreeOther content in this Stream
Weekly Intelligence Summary 14th Jan
Researchers have discovered a critical vulnerability in the popular open-source Java SQL database H2
Weekly Intelligence Summary 17th Dec
Log4j bug exposes fragility of digital ecosystem worldwide. Plus information on Magecart home for the holidays, Emotet regaining power, and Muddywater APT group hunts for airline data via Slack.
40:20Forecasting the 2022 Ransomware Threat
Digital Shadows CISO, Rick Holland will introduce a Structured Analytic Technique called "The Cone of Plausibility" and use this analytic technique to forecast next year's ransomware threat.
Weekly Intelligence Summary 10th Dec
Microsoft has allegedly halted a long-term cyber-espionage operation of “NICKEL”, a threat group linked to the People’s Republic of China (PRC).
24:37Join Photon CTI analysts to discuss the most severe vulnerabilities observed in 2021 and how to improve your security posture.
As the end of the year approaches, it’s time once again to look at the initial access broker (IAB) activity ...
30:27This Webinar highlights the key research findings of the SPARK MATRIX Digital Risk Protection (DRP), 2021.
22:13Ryan Floyd, venture capitalist and co-founder Storm Ventures, talks about the latest cybersecurity threats you should be aware of with Digital Shadows CEO, Alastair Paterson.
Quarterly Threat Report: Q3 2021 - Financial Services
This report discusses Intel Updates related to financial services in the third quarter of 2021 (Q3 2021) as well as an outlook for the next quarter (Q4 2021).
