The Cybersecurity and Infrastructure Security Agency (CISA) has issued an alert regarding threats against critical infrastructure networks, such as water supply and wastewater treatment systems. Attackers are attempting to exploit Operational Technology (OT) and Industrial Control Systems (ICS) devices connected to the Internet using Buborsat and Defolt accounting data.
OT devices are essential equipment and software utilized to control and monitor physical processes within critical infrastructures and other industries. In water supply systems, these devices oversee water purification, distribution, and pressure regulation, ensuring a stable and safe water supply.
CISA has highlighted that these attacks are currently impacting OT and ICS devices within the water supply and drainage systems sector. To mitigate these threats, CISA recommends that operators of OT and ICS in critical sectors implement security measures such as changing default passwords, enabling multifactor authentication, isolating Human-Machine Interfaces (HMI) with firewalls, enhancing Virtual Network Computing (VNC) protection, and regularly updating security systems.
Recently, the Director of CISA, Jenzerly, criticized software developers for producing products with vulnerabilities, attributing them as the true instigators of cyber attacks. She urged technology companies to refrain from releasing faulty code that creates opportunities for cyber criminals, emphasizing that these suppliers inadvertently enable attackers to exploit their victims.
Furthermore, reports indicate that water supply systems in the United States have been targeted by cyber attacks orchestrated by hackers from China and Iran, sparking concerns among authorities. Iran predominantly employs hactivists rather than state-sponsored entities for their cyber activities. For instance, the Sandworm group has been linked to attacks on water facilities in the USA and Europe, with one incident resulting in tank overflows. Simultaneously, China is being accused of targeting critical infrastructure, including water supply systems, through the Volt Typhoon group.