ICS-CERT: U.S. Public Utility Hacked

Reuters reports that the U.S. Department of Homeland Security (DHS) has acknowledged that an unidentified public utility in the U.S. was recently compromised by a sophisticated hacker group.

In a report [PDF], DHS’ Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) explained that the software used to mange the utility’s control system was accessible via the Internet. “The systems were configured with a remote access capability, utilizing a simple password mechanism; however, the authentication method was susceptible to compromise via standard brute forcing techniques,” the report states.

An ICS-CERT investigation found that the system had been breached previously, and worked with the utility’s owners to evaluate the overall security of their infrastructure and to make practical recommendations for securing the control network.

“This incident highlights the need to evaluate security controls employed at the perimeter and ensure that potential intrusion vectors (ex: remote access) are configured with appropriate security controls, monitoring, and detection capabilities,” the ICS-CERT report states.

Jeff Goldman
Jeff Goldman
Jeff Goldman is an eSecurity Planet contributor.

Top Products

Top Cybersecurity Companies

Cybersecurity is the hottest area of IT spending. That's why so many vendors have entered this lucrative $100 billion+ market. But who are the...

Top CASB Security Vendors for 2021

Any cloud-based infrastructure needs a robust cloud access security broker (CASB) solution to ensure data and application security and integrity. After carefully surveying the...

Top Endpoint Detection & Response (EDR) Solutions for 2021

Endpoint security is a cornerstone of IT security, so our team put considerable research and analysis into this list of top endpoint detection and...

Top Next-Generation Firewall (NGFW) Vendors

Cybersecurity is getting more complicated, and so are security products. NGFWs are no exception, and IoT devices and the work-from-home craze that began in...

Related articles