"Most of what's circulated on the Venice flood-defense story is still claims from actors. I'm not seeing any reports on indicators of compromise yet. Operational technology is the gear and software that runs physical equipment, not a separate internet-only problem."
"At the same time, staff may have limited visibility into how workstations and email traffic relate to the networks that start pumps or open gates. That environment favors a small set of recurring problems: paths in from the internet, weak or reused passwords, and control gear that stays in service for years."
"Hardening starts with tightening who can reach plant controls from off site, separating everyday office networks from those controls, and keeping logs of remote maintenance sessions; maturity level can vary a lot by facility."
"Local media asserts that the aim of the threat actors does not appear to be financial, but rather, symbolic, demonstrating the vulnerability of critical infrastructure."
A hacking group named either 'Infrastructure Destruction Squad' or 'Dark Engine' has claimed responsibility for breaching the hydraulic pump system in Venice. They have reportedly stolen administrative credentials and gained access to the flood risk management system, threatening to manipulate floodgates. Aaron Colclough from Suzu Labs notes that the situation highlights vulnerabilities in operational technology, emphasizing the need for better security measures. The attack appears to be symbolic rather than financially motivated, showcasing the risks to critical infrastructure.
Read at Securitymagazine
Unable to calculate read time
Collection
[
|
...
]