With all that is going on in the world today, state-sponsored terrorist cyber attacks are on the rise. Their main target is critical Infrastructure.
Just last month, the Municipal Water Authority in Aliquippa, Pennsylvania, was attacked by a group out of Iran. The Iranian-backed group Cyber Av3ngers attacked the water authority in response to the Israel-Hamas war. As reported in Dark Reading, Their message appeared on the facility’s computers, “You Have Been Hacked. Down With Israel, Every Equipment 'Made In Israel' Is Cyber Av3ngers Legal Target." Thankfully, the attackers only gained access to pumps that regulate water pressure in elevated areas and did not threaten the water supply. The attackers of the Municipal Water Authorly of Aliquippa are thought to have accessed the facility via the Internet using default or weak passwords.
If that wasn’t enough, the Washington Post has reported that hackers affiliated with China’s People’s Liberation Army have found their way into several US critical infrastructure systems. One of the groups, Volt Typhoon, has been very active in targeting organizations large and small. The targets included Hawaii's water infrastructure, the Texas power grid operator, a port on the west coast, and at least one pipeline. Despite the serious nature of these attacks, no critical control systems appear to have been compromised.
Echoes of 2021’s attack on the Oldsmar Water Treatment Plant. While it wasn’t determined if it was a state-sponsored attack, a hacker accessed the computer that controlled Oldsmar’s water treatment system and briefly increased the quantity of sodium hydroxide, also known as lye, by a factor greater than 100. Thankfully an administrator noticed the change and stopped the attack before the water could be contaminated. According to Security Week Magazine, a shared TeamViewer login was the entry point for the attacker.
As far as critical infrastructure is concerned, cyber attacks can have far-reaching consequences. Wars fought in far-off places can have repercussions here at home. This isn’t just a US problem. The Canadian Centre for Cyber Security’s Threat Assessment for 2023-2024 says, “State-sponsored actors target critical infrastructure to collect information through espionage, to pre-position in case of future hostilities and as a form of power projection and intimidation.” If you are responsible for managing these systems, you must have your cyber defences in place. At the most basic, you need to use strong passwords (weak/default passwords were a factor in two of the above breaches).
No matter what industry you are in, it is crucial to strengthen your defences against possible threats. Simple yet fundamental steps, such as strong passwords, can serve as a frontline defence against cyber adversaries. You don’t have to do it alone. Having Quick Intelligence on your side goes beyond simply obtaining cyber security services; it establishes a partnership for strengthening digital defences, reducing risks, and securing the business environment. In this age of constant cyber threats, teaming up with us is a wise move to protect your business and stay strong against new challenges. Contact us today!