Hackers were able to infiltrate an ICS/SCADA system at a water treatment plant and altered crucial settings that controlled the amount of chemicals used to treat tap water according to Verizon’s 2016 Data breach Digest. Along with outdated computers, the system was exposed to the Internet because traffic was routed through a Web server where customers could check their monthly water bill.
Lamar Bailey, Senior Director of Security R&D for Tripwire told @DFMag;
“Poor designs and misconfigurations lead to countless security incidents. An entity can purchase all the security products in the world and acquire the best staff available but if the network has gaping holes in the perimeter or DMZ machines have unfettered access to the secure side of the network it is only a matter of time before an attack succeeds. A network needs to first be a defendable position with clear defined boarders on which layers of of security are built upon. It is imperative that companies examine their networks from the outside to see what is exposed and what “windows” are left open.
Utility infrastructure entities have become prime targets for hacktivists and terrorist so administrators must be even more diligent in securing theses locations. They are softer targets due to the antiquated insecure nature in how internal systems communicate so once the other shell is broken it can be trivial to cause havoc within the network.”