The Cybersecurity and Infrastructure Security Agency (CISA) noted that threat actors are persistently leveraging brute force intrusions, default credentials, and other unsophisticated attack methods against internet-exposed operational technology and industrial control systems of critical infrastructure organizations, including those in the water and wastewater sector, BleepingComputer reports.
Ongoing targeting of vulnerable OT/ICS devices should prompt critical infrastructure entities to replace default passwords, activate multi-factor authentication, implement firewall protection for human-machine interfaces, and ensure up-to-date security patches.
These actions are recommended in an earlier joint federal guidance warning of pro-Russia hacktivist attacks against water and wastewater systems, according to the CISA alert.
The development follows a cyberattack against a water treatment facility in the City of Arkansas in Kansas, as well as the release of Environmental Protection Agency recommendations for hardening cybersecurity in the water sector. U.S. sanctions have also been recently imposed against Russian Cyber Army members for their involvement in water sector attacks.
