"The victims included a municipal water facility where pressure values were changed, an oil and gas company whose tank gauge was tampered with, and a farm silo where drying temperatures were altered, "resulting in potentially unsafe conditions if not caught on time." Officials stressed these weren't sophisticated, state-sponsored operations but opportunistic intrusions that caused real-world disruption ranging from false alarms to degraded service. The attackers didn't need custom malware or insider access either - just a connection and curiosity."
"The advisory listed a depressingly familiar roll call of vulnerable kit: PLCs, remote terminal units, human-machine interfaces, SCADA systems, safety controllers, building management setups, and other industrial IoT gear that's notoriously fragile when left exposed. Operators were urged to take stock of what's online, lock it down behind VPNs and multi-factor authentication, and monitor it like a critical system - because it is."
Hacktivists breached Canadian industrial control systems and altered operational parameters, creating potentially unsafe conditions and causing real-world disruptions. A municipal water facility had pressure values changed, an oil and gas company saw a tank gauge tampered with, and a farm silo experienced altered drying temperatures. The intrusions were opportunistic and low sophistication, requiring only internet access rather than custom malware or insider access. Vulnerable devices include PLCs, RTUs, HMIs, SCADA systems, safety controllers, building management systems, and other industrial IoT gear. Operators were advised to inventory internet-facing systems, use VPNs and multi-factor authentication, and monitor ICS like critical infrastructure.
Read at Theregister
Unable to calculate read time
Collection
[
|
...
]