Security News > 2020 > October > Lax Security Exposes Smart-Irrigation Systems to Attack Across the Globe
More than 100 smart-irrigation systems deployed across the globe were installed without changing the factory's default, passwordless setting, leaving them vulnerable to malicious attacks, according to recent findings from Israeli security research firm Security Joes.
Recently, its researchers discovered that 55 irrigation systems within Israel were visible on the open internet without password protections.
The irrigation systems which were discovered without password protection aren't related to the previous attacks, Naor said.
Last month, six critical flaws in CodeMeter, software used to power industrial systems in the U.S., including water and electric utilities, were discovered which could be exploited to launch attacks or even allow third-party takeovers of systems.
Operators need to take security seriously, he added, noting that two-factor authentication should be a bare minimum requirement for accessing these systems from a mobile device.
News URL
https://threatpost.com/lax-security-smart-irrigation-attack/160625/
Related news
- Google Adds New Pixel Security Features to Block 2G Exploits and Baseband Attacks (source)
- WordPress LiteSpeed Cache Plugin Security Flaw Exposes Sites to XSS Attacks (source)
- EDRSilencer red team tool used in attacks to bypass security (source)
- ISC2 Security Congress 2024: The Landscape of Nation-State Cyber Attacks (source)
- Stop LUCR-3 Attacks: Learn Key Identity Security Tactics in This Expert Webinar (source)
- T-Mobile US 'monitoring' China's 'industry-wide attack' amid fresh security breach fears (source)
- iOS 18 added secret and smart security feature that reboots iThings after three days (source)