
What hacking attacks can teach us about defending networks

A hacker's attack on a water treatment facility has lessons for every organisation.
Written by Danny Palmer, Senior Writer

A water treatment plant fell victim to a hacker to the extent that the intruder was able to tamper with chemical levels and attempt to poison the drinking water supply.

Nobody was harmed when the intruder interfered with the system at the water treatment facility in Oldsmar, Florida, because the changes were spotted and the chemical levels reverted to normal. But the incident is a reminder to all organisations that networks must be secured against cyberattacks, especially if systems that manage physical capabilities can be remotely accessed and manipulated.

"What we can learn from this from a defender and an operator perspective as the utility is making sure that we're securing credentials and, wherever possible, limiting the exposure of authentication portals to external entities and implementing multi-factor authentication wherever possible to really minimize the impact of credential guessing," Joe Slowik, senior security researcher at DomainTools, told ZDNet Security Update.


Additional security capabilities, such as multi-factor authentication, can also provide a further barrier to an attacker gaining access.

In this instance, the attack was spotted after the intruder had attempted to manipulate industrial control systems. To ensure the full security of an industrial network, there should be protections in place to detect any suspicious activity before attackers can attempt anything at all.

That starts with knowing what's on your network and being able to identify unexpected or unusual activity.

"First and foremost, it's just understanding your own attack surface; what do we have exposed? What are the possibilities for third parties or unwanted entities for accessing our environments? Knowing what those avenues are and, after they've been identified, securing them," said Slowik.

"So that combination of understanding our own networks, hardening our networks, where possible, and then looking for attempts to subvert or break into these environments. It sounds fairly basic but that's, at least, where we need to get started for defending these environments," he added.
