
Commentary on American Water Cyberattack from Semperis

October 2024 by Sean Deuby, Principal Technologist, Semperis

The commentary on the American Water cyber attack from Sean Deuby, Principal Technologist, Semperis:

Last week’s cyberattack on American Water Works is not surprising, given that water treatment and wastewater treatment operators were recently given guidance by the EPA on securing their facilities. Then in March, a memo sent by the Biden administration to U.S. governors warned them of the increase in cyberattacks on water and wastewater treatment plants. And just last week, the Wall Street Journal reported that many U.S. telcos are being targeted by Chinese nation-state-backed groups such as Salt Typhoon.
While we don’t yet know which threat actor targeted this important critical infrastructure utility company, American Water appears to have responded quickly and effectively to isolate the damage caused by the cyberattack – a commendable response executed under duress.
Today, there is no silver bullet that will solve the cybersecurity challenges facing public and private sector organisations. Today, the most commonly used identity system, Active Directory, is compromised in 90 percent of cyberattacks. Identity systems have become the new perimeter in cybersecurity. Attacks have increased at such a rapid pace that the Five Eyes Alliance of the US, Canada, Australia, the UK, and New Zealand recently issued a comprehensive report, specifically focused on Active Directory, providing guidance on defense against 17 common attacks against this identity system.
One common thread across all these campaigns is the use of identity for initial access, propagation, privilege escalation, and persistence. Organisations should prioritise protecting these mission-critical systems that are always targeted by threat actors, whether they’re nation-state actors or cybercriminals. This includes around-the-clock threat hunting, increasing security audits, organising security awareness training for employees, and locking down Active Directory because it’s a hacker’s highway.

