View all newsletters
Receive our newsletter - data, insights and analysis delivered to you

US public utility’s network hacked, says Homeland Security report

It suspects similar attacks happened in the past too.

By CBR Staff Writer

A public utility in the US was recently attacked by cyber criminals and its control system network was hacked, revealed the Department of Homeland Security.

A report released by Industrial Control Systems Cyber Emergency Response Team (ICS-CERT), a unit of the department, did not make the name of the utility public.

ICS-CERT said that the software used to administer the control system assets was accessible via Internet facing hosts.

"The systems were configured with a remote access capability, utilizing a simple password mechanism; however, the authentication method was susceptible to compromise via standard brute forcing techniques," the report said.

The team has analysed the network logs and found that the systems must have been attacked in the past as well.

The report said, "This incident highlights the need to evaluate security controls employed at the perimeter and ensure that potential intrusion vectors (ex: remote access) are configured with appropriate security controls, monitoring, and detection capabilities."

ICS-CERT received 181 vulnerability reports in 2013; 87% of them were prone to exploitation remotely while the remaining required local access.

Content from our partners
Scan and deliver
GenAI cybersecurity: "A super-human analyst, with a brain the size of a planet."
Cloud, AI, and cyber security – highlights from DTX Manchester

Authentication flaws formed 33% of the vulnerabilities, followed by denial of service at 14%.

The team recommends users to minimize network exposure and configure ICSs behind firewalls to avoid attacks.

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.