For HomeFor BusinessFor Partners
Industry News
1 min read

FBI Issues Private Industry Notification in Light of Florida Water Plant Hack

Filip TRUȚĂ

February 11, 2021

Promo Protect all your devices, without slowing them down.
Free 30-day trial
FBI Issues Private Industry Notification in Light of Florida Water Plant Hack

The US Federal Bureau of Investigation has issued a private industry notification after a cyberattack that targeted a water plant in the state of Florida.

As reported earlier this week, the Oldsmar water treatment systems were remotely accessed by an unknown threat actor via TeamViewer, the popular software tool designed for remote control, desktop sharing, online meetings, and file transfer between computers. The attacker tried to poison the water supply by increasing the sodium hydroxide content from 100 to 11,100 parts per million.

The FBI alert, obtained by ZDNet, draws attention to out-of-date Windows 7 systems, poor passwords, and desktop sharing software TeamViewer.

“Beyond its legitimate uses, TeamViewer allows cyber actors to exercise remote control over computer systems and drop files onto victim computers, making it functionally similar to Remote Access Trojans (RATs),” the FBI said.

“TeamViewer’s legitimate use, however, makes anomalous activity less suspicious to end users and system administrators compared to typical RATs.”

The TeamViewer app itself was suffering no vulnerabilities, but it helped the attacker following an initial intrusion, likely through compromised account credentials or remote access accounts with weak passwords.

The notice further warns about the use of Windows 7, which Microsoft stopped supporting in January of last year. Knowing it might take a while before Windows 7 is phased out completely, the Bureau offers a list of interim steps for mitigation:

  • Use multi-factor authentication
  • Use strong passwords to protect Remote Desktop Protocol (RDP) credentials
  • Ensure anti-virus, spam filters, and firewalls are up to date, properly configured and secure
  • Audit network configurations and isolate computer systems that cannot be updated
  • Audit your network for systems using RDP, closing unused RDP ports, applying two-factor authentication wherever possible, and logging RDP login attempts
  • Audit logs for all remote connection protocols
  • Train users to identify and report attempts at social engineering
  • Identify and suspend access of users exhibiting unusual activity
  • Keep software updated

tags

Industry News

Author

Filip TRUȚĂ

Filip TRUȚĂ

Filip has 15 years of experience in technology journalism. In recent years, he has turned his focus to cybersecurity in his role as Information Security Analyst at Bitdefender.

View all posts

Right now Top posts

Torrents with Pirated TV Shows Used to Push Lumma Stealer Malware
Threats The Safe Nomad

Torrents with Pirated TV Shows Used to Push Lumma Stealer Malware

November 14, 2024

4 min read
How Scammers Stole $20 Million by Hacking Emails of Real Estate Agents – Here’s Why Small Firms Must Take Cybersecurity Seriously
Industry News Very Small Business Scam

How Scammers Stole $20 Million by Hacking Emails of Real Estate Agents – Here’s Why Small Firms Must Take Cybersecurity Seriously

November 11, 2024

3 min read
Is Your Digital Footprint Placing You in Scammers’ Crosshairs?
Scam

Is Your Digital Footprint Placing You in Scammers’ Crosshairs?

October 17, 2024

4 min read
What Key Cyberthreats Do Small Businesses Face?
Tips and Tricks How to Very Small Business

What Key Cyberthreats Do Small Businesses Face?

September 06, 2024

4 min read

FOLLOW US ON SOCIAL MEDIA

You might also like

Track Guide to Las Vegas: Cybersecurity Edition
Cybersecurity Grand Prix

Track Guide to Las Vegas: Cybersecurity Edition
Bitdefender

November 19, 2024

3 min read
Cybersecurity Grand Prix: Race to Secure Your Digital Footprint
Cybersecurity Grand Prix

Cybersecurity Grand Prix: Race to Secure Your Digital Footprint
Bitdefender

October 28, 2024

3 min read
Finnish Customs, Europol, Swedish Police and Bitdefender Cooperation Leads to Sipulitie Dark Web Marketplace Shut Down
Industry News

Finnish Customs, Europol, Swedish Police and Bitdefender Cooperation Leads to Sipulitie Dark Web Marketplace Shut Down
Bitdefender

October 15, 2024

3 min read

Bookmarks

loader