Friday, January 22, 11:05
Home security More than 100 irrigation systems were left exposed on the internet

More than 100 irrigation systems were left exposed on the internet

More than 100 smart irrigation systems were exposed online without a password last month, allowing anyone to access and disrupt irrigation programs for crops, tree plantations, cities and buildings.

Exposed irrigation systems were discovered by Security Joes, a small security company based in Israel. The problem is the ICC PRO system, a smart irrigation system designed by Motorola.

Internet

Security Joes co-founder Ido Naor told ZDNet last month that Companies and city officials had installed the ICC PRO systems without changing the factory default settings, which do not include a password for the default account.

Naor says systems could be easily identified online with the help of search engines and production As the Shodan.

Once an attacker detects an Internet-accessible ICC PRO system, Naor says all they have to do is type in the "default admin username" and press Enter to access a smart irrigation control panel.

Here, Naor says intruders can stop watering, change settings, control the amount of water and pressure supplied to pumps, or lock irrigation systems by blocking access to specific users.

More than 100 ICC PRO irrigation systems were exposed online without a password last month when Naor first spotted this issue.

The security investigator said more than half of those exposed systems were located throughout Ισραήλ, with the rest being spread all over the world.

Naor briefed CERT last month, which then contacted the affected companies, Motorola, and also shared the findings with other CERT teams in other countries.

The report began to improve last week. Naor acknowledged Motorola's stance on the development after the company sent a letter to customers on the risks of exposure of the irrigation system to the internet.

As a result of these alerts, the number of ICC PRO instances with internet access began to decline from 94 last week to 78 today as companies began to install irrigation systems behind firewall or in private networks.

However, while the situation has improved, systems still exposed to the Internet today still do not have a password set to the default account.

LEAVE ANSWER

Please enter your comment!
Please enter your name here

Teo Ehc
Teo Ehchttps://www.secnews.gr
Be the limited edition.

LIVE NEWS

Microsoft Edge will notify you if your password is compromised

A new built-in password generator and a possibility to monitor the credentials that have leaked to Windows and macOS systems, is released by ...

Teespring: Hacker leaked data of millions of its users!

A hacker leaked data on millions of registered Teespring users on January 17 - an online portal that allows users to create and ...

QNAP: New Dovecat crypto-miner infects NAS devices

QNAP has warned its customers about a new malware (crypto-miner) called Dovecat, which targets NAS (network-attached storage) devices ...

MyFreeCams: Two million files were stolen from the adult site

A database of the popular adult site MyFreeCams, has been leaked to a hacking forum, resulting in the data of its users to ...

FBI: Parler is called in to investigate the Capitol attack

Participants in the January 6 attack on the US Capitol are accused of their actions, as they seem to have published in Parler and ...

Mac: How to see which model you have and when it was released

When you need support for your Mac - or want to install some kind of upgrade - you usually need to know the exact ...
00:02:35

Bill Gates: Will he work with Biden on COVID-19 / climate change?

Microsoft co-founder Bill Gates said on Twitter that he is looking forward to working with the new US President, Joe Biden, and ...

What are the rumors circulating about the iPhone 13?

Apple iPhone 13 will have a redesigned Face ID system that will have a smaller notch at the top of the screen, ...

Biden: How was the political transition in the US captured on social media?

As Joe Biden was sworn in as President of the United States, this important political transition was captured on popular social media. On January 20, ...

CentOS ceases to be supported but RHEL is offered for free

Last month, Red Hat caused a great deal of concern in the Linux world when it announced the discontinuation of CentOS Linux.