A "sophisticated" hacker or hacking group recently compromised an unnamed public utility in the United States after gaining access to its control system network. Details of the public utility were not disclosed by the Department of Homeland Security (DHS), which reported the breach, but it speaks to the type of hacking threats that are increasingly posing a risk for key elements of infrastructure, such as power and water utilities. A DHS official tells Reuters that it was able to resolve the issue before the utility saw any operational impact.
Hackers were able to gain access to the public utility through an internet-connected element in its control system that was meant to allow for remote access. Though it was protected with a password, the intruder was able to compromise it using brute force. The DHS says that the public utility had seen previous intrusions too and that it was likely exposed to numerous other threats.
In particular, the department notes that many utilities face threats because tools that were not originally designed to connect to the internet are now being connected to it, though it's unclear if that's what happened here. "In many cases, these devices have not been configured with adequate authentication mechanisms, thereby further increasing the chances of both opportunistic and targeted attempts to directly access these components," it writes in a cyber emergency report. "As tools and adversary capabilities advance, we expect that exposed systems will be more effectively discovered and targeted by adversaries." Though Reuters reports that this report doesn't usually disclose public utility attacks, it's choosing to do so now to illustrate the need to strengthen security on industrial control systems.