Default Passwords Exploited by Water Utility Hackers
Image courtesy of Tim Reckmann under Attribution 2.0 Generic License, resized to 700 x 391 pixels.
New warnings from security agencies like the Cybersecurity and Infrastructure Security Agency (CISA) reveal that simple measures like changing default passwords and utilizing multi-factor authentication can dramatically reduce water utilities’ vulnerability to a cyber-attack. With AI-based technology and IoT devices running more and more large drinking water and wastewater systems, taking simple measures like these can be the difference between business as usual and chaos.
Default Passwords Are Low-Hanging Fruit When It Comes to Water Utility Cybersecurity
Changing default passwords is such a simple thing, you may wonder why it isn’t done 100% across the board. Well, the reason really boils down to the law of averages. With over 50,000 small community water systems dotting the U.S., this is an oversight that is bound to happen at least a small percentage of the time.
Unfortunately, hackers are willing to play the numbers game – if they hit on 1 out of 100, that might be good enough. And that may be why water utilities are an increasingly attractive target for these bad actors.
Of course, as indicated by the default password issue, it’s really not difficult to reduce vulnerability by at least a few dozen percentage points! So, I think education is the main action item. And it’s really important, because a cyber-induced service interruption can spiral into a full-blown emergency situation in a matter of hours.
As a refresher, here are some best practices for water utilities to reduce their cyber-vulnerability:
- Invest heavily in network security, utilizing firewalls, intrusion detection systems, and multi-factor authentication to prevent unauthorized access to networks.
- Conduct regular vulnerability assessments and penetration testing to rigorously scrutinize systems for weaknesses and vulnerabilities.
- Embrace a culture of cybersecurity awareness, training employees on best practices for identifying and reporting suspicious activity. This includes promoting strong password hygiene, educating on phishing scams, and fostering a collaborative approach to security.
- Prioritize physical security, limiting unauthorized access to critical facilities and implementing surveillance systems.
- Actively collaborate with government agencies and industry partners to share threat intelligence and best practices. This collective effort enables a rapid response to emerging threats and facilitates the development of innovative security solutions.
- Prioritize disaster recovery planning to minimize the impact of a successful attack.
And at the very least, make sure default passwords are changed 100% of the time!