How to Protect Our Critical Infrastructure From Attack

Just how worried should we be about a cyber or physical attack on national infrastructure? Chris Price reports on how the pandemic, the growth of remote working, and IoT are putting assets at risk.

On Feb. 2, the largest ever compilation of breached usernames and passwords was leaked online. Known as COMB, it contained 3.2 billion unique email/password pairs, including the credentials for the Oldsmar water plant in Florida.


Three days later an unknown attacker entered Oldsmar's computer systems and attempted to manipulate the pH in the city's water to dangerously high acidic levels by increasing sodium hydroxide (lye) by 100 times. Although the attack was foiled and the lye levels returned to normal, the incident highlighted the ease with which cybercriminals are increasingly able to target critical national infrastructure (CNI).


In this particular case, it was thought that the attacker managed to get into Oldsmar's systems via the plant's TeamViewer software, which allows supervisors to access the system remotely. "As recently as August 2020, our analysts identified several high-risk vulnerabilities and exposures publicly associated with TeamViewer," claims Evan Kohlmann, chief innovation officer of threat intelligence platform Flashpoint. "This includes an example allowing a malicious website to launch TeamViewer with arbitrary parameters, capturing the victim's password hash for offline password cracking."


However, the problem isn't unique to TeamViewer. As far back as 2013 the Department of Homeland Security (DHS) confirmed that an Iranian hacker group known as "SOBH Cyber Jihad" accessed computer systems controlling the Bowman Avenue Dam in New York at least six times, accessing sensitive files containing usernames and passwords. Similarly, in 2015 and 2016 Ukraine suffered a series of attacks on its power grids believed to be the work of a Russia-sponsored advanced persistent threat group called Sandworm, which left 225,000 Ukrainians in sustained blackouts for ..
