Security News > 2020 > October > Lax Security Exposes Smart-Irrigation Systems to Attack Across the Globe
More than 100 smart-irrigation systems deployed across the globe were installed without changing the factory's default, passwordless setting, leaving them vulnerable to malicious attacks, according to recent findings from Israeli security research firm Security Joes.
Recently, its researchers discovered that 55 irrigation systems within Israel were visible on the open internet without password protections.
The irrigation systems which were discovered without password protection aren't related to the previous attacks, Naor said.
Last month, six critical flaws in CodeMeter, software used to power industrial systems in the U.S., including water and electric utilities, were discovered which could be exploited to launch attacks or even allow third-party takeovers of systems.
Operators need to take security seriously, he added, noting that two-factor authentication should be a bare minimum requirement for accessing these systems from a mobile device.
News URL
https://threatpost.com/lax-security-smart-irrigation-attack/160625/
Related news
- Stop LUCR-3 Attacks: Learn Key Identity Security Tactics in This Expert Webinar (source)
- T-Mobile US 'monitoring' China's 'industry-wide attack' amid fresh security breach fears (source)
- iOS 18 added secret and smart security feature that reboots iThings after three days (source)
- Microsoft Fixes AI, Cloud, and ERP Security Flaws; One Exploited in Active Attacks (source)
- Update your OpenWrt router! Security issue made supply chain attack possible (source)
- CERT-UA Warns of Phishing Attacks Targeting Ukraine’s Defense and Security Force (source)