Hacker pierces control system of a U.S. public utility
Other Critical Infrastructure // United States
The network could have been compromised possibly because it was reachable through the public Web.
The “software used to administer the control system assets was accessible via Internet facing hosts,” a Homeland Security Department report stated. “Previous intrusion activity was also identified.”
The system’s passwords could have been overridden by “brute forcing techniques,” where attackers try various password combinations to break in, DHS said.
"While unauthorized access was identified, ICS-CERT was able to work with the affected entity to put in place mitigation strategies and ensure the security of their control systems before there was any impact to operations," a DHS official told Reuters on Tuesday.
ThreatWatch is a regularly updated catalog of data breaches successfully striking every sector of the globe, as reported by journalists, researchers and the victims themselves.