Threat actors continue to use brute force intrusions, default credentials, and other unsophisticated attack methods against internet-exposed operational technology and industrial control systems at critical infrastructure organizations, including those in the water and wastewater sector, according to the Cybersecurity and Infrastructure Security Agency, BleepingComputer reports.
The ongoing targeting of vulnerable OT/ICS devices should prompt critical infrastructure entities to replace default passwords, activate multi-factor authentication, implement firewall protection for human-machine interfaces, and keep security patches up to date, according to the CISA alert. These measures were recommended in earlier joint federal guidance warning of pro-Russia hacktivist attacks against water and wastewater systems. The alert follows a cyberattack against a water treatment facility in the City of Arkansas in Kansas, as well as the release of Environmental Protection Agency recommendations for hardening cybersecurity in the water sector. U.S. sanctions were also recently imposed on Russian Cyber Army members for their involvement in water sector attacks.