Following the attack in Oldsmar, where a hacker gained access to a water treatment plant's network and modified chemical doses to dangerous levels, the FBI issued a warning on Tuesday highlighting three security issues observed in the plant's network after last week's breach.
The alert, called a Private Industry Notification or FBI PIN, warns against the use of out-of-date Windows 7 systems, weak passwords, and TeamViewer software, urging private companies and federal and government agencies to review their internal networks.
The FBI PIN specifically names TeamViewer as dangerous desktop sharing software to watch out for, after it was confirmed as the intruder's entry point into the Oldsmar water treatment plant network.
According to a Reuters report, representatives said that last Friday the intruder connected twice to a computer on the Oldsmar water treatment plant's network through TeamViewer.
The second time, the intruder took control of the operator's mouse, moved it around the screen and made changes to the sodium hydroxide levels added to the drinking water.
While the operator reversed the changes made by the hacker almost immediately, the incident became a major topic of discussion among security professionals.
One of the topics discussed is the use of TeamViewer in critical US infrastructure. In a report by Motherboard published on Tuesday, several well-known security experts criticized companies and employees who use the software for remote work, characterizing it as insecure and inadequate for the management of sensitive resources.
While the FBI PIN warning is not critical of TeamViewer, the FBI wants federal and private organizations to be vigilant about the application.
The FBI notice does not specifically tell organizations to uninstall TeamViewer or any other type of desktop sharing software, but warns that hackers can use it to gain access to employee accounts if remote access accounts are protected by weak passwords.
In addition, the FBI alert warns against the continued use of Windows 7, an operating system that reached the end of its life cycle last year, on January 14, 2020.
This part of the warning was included because the Oldsmar water treatment plant is still using Windows 7 on its network.
Although there is no evidence that the attackers used specific bugs in Windows 7, the FBI says using an older operating system is dangerous.
However, a Cyberscoop report released today points out that the Oldsmar plant, like many other water treatment plants in the USA, does not have sufficient staff.
While the FBI issued the warning with good intentions, many companies may not be able to do anything about all of the above, as it looks like a serious financial investment will have to be made in the IT infrastructure of this type of organization.
Source of information: zdnet.com