Security agencies are warning that pro-Russia hacker groups are breaking into critical systems that control infrastructure like water plants, dams, and energy facilities in the United States and Europe.
These hackers are using unsophisticated techniques to remotely access control systems and cause disruptions like making pumps and equipment malfunction. They are getting in by exploiting internet-connected systems with weak passwords or outdated software.
In early 2024, several U.S. water treatment plants experienced these kinds of hacker attacks. The hackers manipulated the control systems, maxing out settings, disabling alarms, and changing passwords to lock out operators. This caused some minor issues like tank overflows, but operators were able to quickly switch to manual controls to restore operations.
The hackers are gaining remote access by:
- Using outdated remote desktop software with weak passwords
- Exploiting default passwords on control systems that don’t have multi-factor authentication
While this activity has been limited so far, security agencies warn these hackers potentially have capabilities to cause more serious physical damage to insecure systems.
To protect against these threats, agencies recommend critical infrastructure operators take steps like:
- Disconnecting control systems from the public internet
- Enabling firewalls and multi-factor authentication for remote access
- Changing all default passwords to strong, unique ones
- Keeping software like remote desktop apps fully updated
- Restricting control system access to allowlisted devices only
- Implementing safety limits to prevent dangerous control changes
- Maintaining ability to manually operate systems if hacked
Manufacturers of control systems are also urged to build in security by default, eliminating things like default passwords that create risks.
While the hackers have exaggerated their capabilities so far, security agencies advise taking these attacks seriously and hardening defenses against potential escalation. Proactive security measures are critical to protecting infrastructure that millions rely on.