Recently, a Russian-speaking hacker group has been targeting US infrastructure and posting about its attacks on the social messaging app Telegram, where it not only takes credit but brags about how it carried them out. One of its latest attacks targeted a small Indiana municipal utility. The utility remained operational during the attack and, as far as we know now, no data was breached. These attacks are on the rise, with this same group claiming to have hacked into a water tower's pump controls in Texas back in January. The group was linked by an independent source, and it is believed to be responsible for similar attacks across the country as well.

How does a hacking group get into a municipal water facility's systems, and what could be on the line once they do? The obvious worst-case scenarios come to mind: controlling pumps and valves that are connected to a computer system, gaining access to chemical controls that could contaminate the water supply, or even stealing customer payment or personal information.

One common way these attacks are carried out is through unsecured devices connected to the internet. These could be any device that communicates over Wi-Fi, such as remote-operated pumps, door controls, heating and air controllers accessed by an app, and even lightbulbs that can be controlled with your phone. These devices often don’t have the proper security in place and are not configured properly to be monitored on the network.

The good news is that some small changes can make these systems much harder to breach.

We’ve all heard of two-factor authentication (2FA). It matters whenever an application or a device is connected to the internet in some way to communicate with another tool. 2FA provides an extra layer of protection if a password is compromised or stolen, by requiring the user to have a second device to prove they are the intended user.

Firewall configuration is a key component of your cybersecurity plan, as the firewall is often the first barrier to entry for hackers. Having an off-the-shelf firewall is fine for personal use but will not stand up to hackers who target businesses. Firewalls need to be properly configured and constantly monitored and maintained. They are not meant to be static, one-and-done solutions; they require active maintenance and patching to ensure the latest security is in place.

Dark web monitoring is another great tool for maintaining security. There are large social forums on the dark web where passwords and account info are sold. Without your knowing, your password could be sold on the dark web and then used by bad actors to gain access to critical systems. Having someone who monitors the dark web and notifies you when a password has been breached allows you to change the password and re-secure your system quickly, before hackers have a chance to get in.

Finally, managing and knowing your network is critical. Keeping track of every device that is connected to your systems, and knowing that each one is up to date with the latest patch, is important, but it is no small job.
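
One way to start on that job, shown as an added example that is not from the original article: compare the list of devices you believe you own against the devices actually seen on the network, and flag anything unknown, missing, or behind on firmware. The CSV layouts, device names, addresses and version numbers below are constructed for illustration.

```python
import csv
import io

# Constructed sample inventory: devices the utility believes it owns.
INVENTORY_CSV = """mac,name,firmware,latest_firmware
00:11:22:33:44:01,pump-controller-1,2.4.1,2.4.1
00:11:22:33:44:02,door-controller,1.0.3,1.2.0
00:11:22:33:44:03,hvac-controller,3.1.0,3.1.0
00:11:22:33:44:04,office-printer,5.0.0,5.0.0
"""

# Constructed sample of what was actually observed, for instance an export
# of DHCP leases or a switch's address table (format is an assumption).
OBSERVED_CSV = """mac,ip
00:11:22:33:44:01,10.0.5.11
00:11:22:33:44:02,10.0.5.12
00-11-22-33-44-03,10.0.5.13
AA:BB:CC:DD:EE:FF,10.0.5.77
"""

def normalize_mac(mac):
    """Lower-case and strip separators so differently formatted MACs match."""
    return mac.strip().lower().replace("-", "").replace(":", "")

def version_tuple(version):
    """Parse '1.10.0' into (1, 10, 0); comparing strings would rank it below '1.9.0'."""
    return tuple(int(part) for part in version.split("."))

def load(text):
    """Index CSV rows by normalized MAC address."""
    return {normalize_mac(row["mac"]): row for row in csv.DictReader(io.StringIO(text))}

def reconcile(inventory_csv, observed_csv):
    inventory, observed = load(inventory_csv), load(observed_csv)
    return {
        # On the network but not in the inventory: investigate first.
        "unknown": sorted(observed[m]["ip"] for m in observed.keys() - inventory.keys()),
        # In the inventory but not seen: offline, retired, or moved elsewhere.
        "missing": sorted(inventory[m]["name"] for m in inventory.keys() - observed.keys()),
        # Known devices running firmware older than the latest recorded release.
        "outdated": sorted(r["name"] for r in inventory.values()
                           if version_tuple(r["firmware"]) < version_tuple(r["latest_firmware"])),
    }

if __name__ == "__main__":
    for category, items in reconcile(INVENTORY_CSV, OBSERVED_CSV).items():
        print(f"{category}: {items}")
```
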

If you're wondering what risks you might be facing, give us a call for a FREE IT Assessment to see what vulnerabilities you might be missing.