Budapest Post

Cum Deo pro Patria et Libertate
Budapest, Europe and world news

Cybercriminals are selling access to water treatment plants like the one hacked in Florida — here's why experts think the problem could get worse

Cybercriminals are selling access to water treatment plants like the one hacked in Florida — here's why experts think the problem could get worse

Experts expect that "we'll see more news of attack scenarios and how those attacks can be monetized" because of ongoing security vulnerabilities.
Cybercriminals in underground forums have offered to sell access to hacked systems that control US power plants and water treatment systems, according to a new report from the threat intelligence firm Intel 471. Hackers likely took advantage of common security vulnerabilities in these systems, experts say — and they fear that such attacks could become more common as bad actors find ways to monetize the hacks.

The systems that cybercriminals offered access to bore a striking resemblance to the Oldsmar, Florida water treatment plant that was compromised by a hacker last week. Law enforcement officials said an unknown intruder gained access to software used by plant managers to remotely control its systems and attempted to raise the amount of sodium hydroxide — also known as lye — in the drinking water to dangerous levels.

Intel 471 researchers were careful to note that they don't have hard evidence proving that the cybercriminals offering access to hacked industrial systems are the same ones who hacked the Oldsmar plant. But their findings illustrate broader cyber vulnerabilities in US systems that control infrastructure. For years, experts have sounded alarm bells about potential issues with these so-called Supervisory Control and Data Acquisition systems (or SCADA systems), which monitor and control machines in the field.

"Attacks on SCADA systems are not new," an Intel 471 spokesperson said in response to emailed questions from Insider following the report. "It is often easy for non-sophisticated threat actors to identify internet-facing SCADA systems and gain access with very little effort."

In one instance logged by Intel 471, a cybercriminal in a Telegram channel popular with hackers offered in May 2020 to sell access to a "Groundwater Recovery & Treatment System" located in Florida. The hacker claimed to have broken into software used by administrators to remotely control the system, and included a screenshot that showed levels of sodium hydroxide in the water.

The person who posted the screenshots in the Telegram channel was likely an Iranian actor, Intel 471 researchers said. The Telegram channel in question was also tied to a 2020 hack of an Israeli water reservoir. There's no evidence to suggest that this person was motivated by anything other than monetary gain and notoriety, the spokesperson said.

The researchers' findings illustrate broader weaknesses in the cyber defenses of US critical infrastructure. Many industrial control systems can be easily located using online directories like Shodan, which logs internet-connected devices. From there, experts say even low-level hackers can scour out stolen or default login credentials to try to break into the software that controls the systems.

"SCADA systems are notorious for using weak default admin credentials, non-standard ports, and other technical identifiers," the spokesperson told Insider.

Too much critical infrastructure is connected to the public internet with lax security protections, in part because of egregiously low cybersecurity budgets.

Industrial systems are a growing target for profit-driven hackers across the board. In the past year, researchers have tracked cybercriminals probing computers connected to critical infrastructure and reselling access to those computers to more sophisticated hacking groups, according to the security firm Kaspersky.

"We believe the malicious actors have had, for quite a while, access to not only industrial organizations but also lots of information on their technological processes," Evgeny Goncharov, Kaspersky's head of Industrial Control Systems Cyber Emergency Response Team, said in a webinar Thursday. "Probably in the near future we'll see more news of attack scenarios and how those attacks can be monetized."

The FBI published a joint advisory with the Cybersecurity and Infrastructure Security Agency on Thursday advising critical infrastructure agencies to install the latest version of Windows and urging them to be on the lookout for suspicious logins to their remote access software.
AI Disclaimer: An advanced artificial intelligence (AI) system generated the content of this page on its own. This innovative technology conducts extensive research from a variety of reliable sources, performs rigorous fact-checking and verification, cleans up and balances biased or manipulated content, and presents a minimal factual summary that is just enough yet essential for you to function as an informed and educated citizen. Please keep in mind, however, that this system is an evolving technology, and as a result, the article may contain accidental inaccuracies or errors. We urge you to help us improve our site by reporting any inaccuracies you find using the "Contact Us" link at the bottom of this page. Your helpful feedback helps us improve our system and deliver more precise content. When you find an article of interest here, please look for the full and extensive coverage of this topic in traditional news sources, as they are written by professional journalists that we try to support, not replace. We appreciate your understanding and assistance.
Newsletter

Related Articles

0:00
0:00
Close
Vatican hosts first Catholic LGBTQ pilgrimage
Apple Unveils iPhone 17 Series, iPhone Air, Apple Watch 11 and More at 'Awe Dropping' Event
France joins Eurozone’s ‘periphery’ as turmoil deepens, say investors
France Faces New Political Crisis, again, as Prime Minister Bayrou Pushed Out
Nayib Bukele Points Out Belgian Hypocrisy as Brussels Considers Sending Army into the Streets
France, at an Impasse, Heads Toward Another Government Collapse
The Country That Got Too Rich? Public Spending Dominates Norway Election
EU Proposes Phasing Out Russian Oil and Gas by End of 2027 to End Energy Dependence
More Than 150,000 Followers for a Fictional Character: The New Influencers Are AI Creations
EU Prepares for War
Trump Threatens Retaliatory Tariffs After EU Imposes €2.95 Billion Fine on Google
Tesla Board Proposes Unprecedented One-Trillion-Dollar Performance Package for Elon Musk
Gold Could Reach Nearly $5,000 if Fed Independence Is Undermined, Goldman Sachs Warns
Uruguay, Colombia and Paraguay Secure Places at 2026 World Cup
Trump Administration Advances Plans to Rebrand Pentagon as Department of War Instead of the Fake Term Department of Defense
Big Tech Executives Laud Trump at White House Dinner, Unveil Massive U.S. Investments
Tether Expands into Gold Sector with Profit-Driven Diversification
‘Looks Like a Wig’: Online Users Express Concern Over Kate Middleton
Florida’s Vaccine Revolution: DeSantis Declares War on Mandates
Trump’s New War – and the ‘Drug Tyrant’ Fearing Invasion: ‘1,200 Missiles Aimed at Us’
"The Situation Has Never Been This Bad": The Fall of PepsiCo
At the Parade in China: Laser Weapons, 'Eagle Strike,' and a Missile Capable of 'Striking Anywhere in the World'
The Fashion Designer Who Became an Italian Symbol: Giorgio Armani Has Died at 91
Putin Celebrates ‘Unprecedentedly High’ Ties with China as Gazprom Seals Power of Siberia-2 Deal
China Unveils New Weapons in Grand Military Parade as Xi Hosts Putin and Kim
Rapper Cardi B Cleared of Liability in Los Angeles Civil Assault Trial
Google Avoids Break-Up in U.S. Antitrust Case as Stocks Rise
Couple celebrates 80th wedding anniversary at assisted living facility in Lancaster
Information Warfare in the Age of AI: How Language Models Become Targets and Tools
The White House on LinkedIn Has Changed Their Profile Picture to Donald Trump
"Insulted the Prophet Muhammad": Woman Burned Alive by Angry Mob in Niger State, Nigeria
Trump Responds to Death Rumors – Announces 'Missile City'
Druzhba Pipeline Incident Sparks Geopolitical Tensions
Cost of Opposition Leader Péter Magyar's Economic Plan Revealed
Germany in Turmoil: Ukrainian Teenage Girl Pushed to Death by Illegal Iraqi Migrant
United Krack down on human rights: Graham Linehan Arrested at Heathrow Over Three X Posts, Hospitalised, Released on Bail with Posting Ban
Asian and Middle Eastern Investors Avoid US Markets
Ray Dalio Warns of US Shift to Autocracy
Eurozone Inflation Rises to 2.1% in August
Russia and China Sign New Gas Pipeline Deal
Von der Leyen's Plane Hit by Suspected Russian GPS Interference in an Incident Believed to Be Caused by Russia or by Pro-Peace or by Anti-Corruption European Activists
China's Robotics Industry Fuels Export Surge
Suntory Chairman Resigns After Police Probe
Gold Price Hits New All-Time Record
UK Fintechs Explore Buying US Banks
Greece Suspends 5% of Schools as Birth Rate Drops
Apollo to Launch $5 Billion Sports Investment Vehicle
Bolsonaro Trial Nears Close Amid US-Brazil Tension
European Banks Push for Lower Cross-Border Barriers
Poland's Offshore Wind Sector Attracts Investors
×