It's not just cyber software and systems that Hackers are interested in. The attack on Florida’s water supply has highlighted the lack of adequate security measures present.
Cyber actors accessed the supervisory control and data acquisition (SCADA) system via TeamViewer software which was installed on one of the plant's several computers connected to the control system. These were running a Windows 7 operating system which reached end-of-life on 14/1/2020. This means no support or security patches produced anymore, making them more vulnerable by the day.
The machines also shared the same password for remote access and were said to have been exposed directly to the Internet without any firewall protection installed.
Chris White, Head of Cyber and Innovation at The Cyber Resilience Centre for the South East said: "Organisations will have aging infrastructure, some may have under-resourced IT departments, some lack budget and/or expertise to upgrade their security posture to address vulnerabilities in a timely fashion."
"However, if you remain connected to the internet, you must keep computers, devices, and applications, including SCADA or industrial control systems (ICS) software, patched and up-to-date, and where you can, add the use of two-factor authentication with strong passwords. Gaining Cyber Essentials will help you address these risks making you safer online."
The Cyber Resilience Centre for the South East (SECRC) is a policing-led partnership which is offering businesses in the region the chance to access free guidance and support to improve their cyber resilience.
When a business signs up for the SECRC free core membership you receive a useful welcome pack that will provide you with access to national guidance on cyber security, free online resources and toolkits and a tabletop exercise to really test your business’ resilience plans against a cyber-attack.
So, what are you waiting for? Sign up at www.secrc.co.uk/membership.