- cross-posted to:
- technology@lemmy.zip
- technology@beehaw.org
- cross-posted to:
- technology@lemmy.zip
- technology@beehaw.org
Pro-Russia hacktivists have been targeting and compromising small-scale Operational Technology (OT) systems in North American and European Water and Wastewater Systems (WWS), Dams, Energy, and Food and Agriculture Sectors. They aim to exploit modular, internet-exposed Industrial Control Systems (ICS), targeting software components like human machine interfaces (HMIs). The threat actors were observed using methods such as exploiting virtual network computing (VNC) remote access software and default passwords.
The malicious activity began in 2022 and is still ongoing. The government agencies urge OT operators in critical infrastructure sectors to implement a set of mitigations provided in the advisory.
“Pro-russia hacktivists” that’s a weird way to say “state sponsored hackers”. Also they are using open VNC and default passwords? Really? The parties responsible for that infrastructure should be ashamed.