One of Australia’s major regional water suppliers was breached for several months before detecting the unauthorized access, another worrying sign of weaknesses in critical infrastructure security.
A Queensland Audit Office annual report on the water industry did not mention the company by name but reported that it continues to see “significant control weaknesses in the security of information systems” across the sector.
The breach in question occurred between August 2020 and May 2021, resulting in unauthorized access to a web server.
“Threat actors targeted an older and more vulnerable version of the system. The web server that stores customer information contained suspicious files that increased customer traffic to an online video platform,” the report stated.
“As entities use more cloud-based services (which provide remote access to systems), cyber risk vulnerabilities and exposures should be constantly assessed. Entities need to make sure their consumers are informed of their responsibilities in managing cyber risks.”
A regional report identified the provider as Sunwater, one of the state’s largest regional suppliers.
The auditor stated that it had taken corrective actions, including patching, stronger password practices, and network monitoring.
While this breach appears to have been caused by financially motivated cyber-criminals, with no impact on customers, utility companies are increasingly being targeted by more concerning attacks designed to cause service disruption and even harm citizens.
In 2019 a former employee at a Kansas plant accessed and shut down some of the critical processes used to disinfect water. Earlier this year, in the Florida town of Oldsmar, an actor tried to alter the water supply’s chemical balance by remotely logging into a SCADA system.
Last month, the US government issued an alert warning of ongoing malicious cyber-activity targeting the country’s water and wastewater systems (WWS) sector.
Spear-phishing, compromise of Remote Desktop Protocol (RDP) systems, and exploitation of unpatched or outdated software were the key threat vectors highlighted in the report.
Some parts of this article are sourced from:
www.infosecurity-magazine.com