Security News > 2020 > October > Lax Security Exposes Smart-Irrigation Systems to Attack Across the Globe
More than 100 smart-irrigation systems deployed across the globe were installed without changing the factory's default, passwordless setting, leaving them vulnerable to malicious attacks, according to recent findings from Israeli security research firm Security Joes.
Recently, its researchers discovered that 55 irrigation systems within Israel were visible on the open internet without password protections.
The irrigation systems which were discovered without password protection aren't related to the previous attacks, Naor said.
Last month, six critical flaws in CodeMeter, software used to power industrial systems in the U.S., including water and electric utilities, were discovered which could be exploited to launch attacks or even allow third-party takeovers of systems.
Operators need to take security seriously, he added, noting that two-factor authentication should be a bare minimum requirement for accessing these systems from a mobile device.
News URL
https://threatpost.com/lax-security-smart-irrigation-attack/160625/
Related news
- Cross-Domain Attacks: A Growing Threat to Modern Security and How to Combat Them (source)
- Patch Tuesday: January 2025 Security Update Patches Exploited Elevation of Privilege Attacks (source)
- Balancing usability and security in the fight against identity-based attacks (source)
- Security pros more confident about fending off ransomware, despite being battered by attacks (source)