CISA: Ongoing critical infrastructure OT/ICS device attacks involve unsophisticated
Author: Mari Cherry Published on: October 17, 2024
Brute-force intrusions, default credentials, and other unsophisticated attack methods continue to be used by threat actors against internet-exposed operational technology (OT) and industrial control systems (ICS) that support critical infrastructure organizations, including those in the water and wastewater sector.
According to the Cybersecurity and Infrastructure Security Agency (CISA), the ongoing targeting of vulnerable OT and ICS devices should prompt critical infrastructure entities to implement several fundamental security measures.
CISA recommends that organizations:
- Replace default passwords
- Enable multi-factor authentication (MFA)
- Implement firewall protection for human-machine interfaces (HMIs)
- Apply security patches and updates promptly
These recommendations align with earlier joint federal guidance warning about pro-Russia hacktivist attacks targeting water and wastewater systems.
RITC Cybersecurity's Take
Despite the simplicity of these attack techniques, they can still cause significant disruption to critical infrastructure, including energy grids, water systems, and manufacturing environments.
CISA’s guidance serves as an important reminder that even basic attacks can have severe consequences when foundational cybersecurity controls are not in place.