WorldNorth AmericaU.S. Cybersecurity and Infrastructure Security Agency urges critical infrastructures to improve cybersecurity...

U.S. Cybersecurity and Infrastructure Security Agency urges critical infrastructures to improve cybersecurity against pro-Russia hackers

Type of event:
Other, cyberattack, cybersecurity

Victims

Wounded

Date

May 1, 2024

What happened

After a series of cyberattacks on American infrastructure sites claimed by Russian hackers, the Cybersecurity and Infrastructure Security Agency (CISA) has issued an advisory warning that pro-Russia “hacktivists” are targeting North American and European critical infrastructure by remotely accessing said infrastructures through human-machine interfaces that largely relied on factory default passwords or lacked multifactor authentication. The U.S. and its partners have not identified any operational impact from any of the reported intrusions, and the federal government is not assessing a connection between the recent malicious activity and Sandworm, the Russian state actor linked to the Cyber Army of Russia responsible for a recent cyberattack on an Indiana water plant. Eric Goldstein, executive assistant director for cybersecurity at CISA, stated that to prevent these breaches, technology should be deployed as a default by the vendors with better security controls, as there isn’t a reason why any technology product should be coming off the shelf with a factory default password that is not immediately changed upon installation, following CISA’s own “Secure by Design” effort.

Where it happened

Main sources