The FBI warns that attackers prioritize finding victims running older Windows systems
A water plant in Oldsmar, Fla., targeted by a hacker in a cyberattack earlier this month, is said to have exhibited very weak IT security practices. The hacker allegedly hijacked the plant’s operational controls, temporarily driving up the sodium hydroxide content in the water to poisonous levels. Recent updates from government authorities claim the facility did not have some basic network protections—including a firewall.
The FBI confirmed that the hackers were able to gain entry through TeamViewer, crawling in either via poor password security or the outdated Windows 7 program the facility was using. Not only was the facility using Windows 7—an outdated software that Microsoft no longer supports—but all of its employees apparently shared the same password to access TeamViewer. While the FBI acknowledged that desktop sharing software like TeamViewer is legitimate, it’s also been a popular tool used by attackers for phishing campaigns, social engineering attacks, and in insider threat scenarios.
The FBI is warning companies against using outdated computer setups and strongly urges companies to evaluate how remote access software is deployed, something that could potentially leave the door open for hackers.
The FBI recommends a series of basic security best practices to mitigate threats:
- Use Multi-factor Authentication (MFA)
- User strong passwords and follow best practices for password management to protect Remote Desktop Protocols
- Audit network configurations and isolate legacy computer systems that cannot be updated
- Audit logs for all remote connection protocols
- Train users to identify and report attempts at social engineering
- Ensure anti-virus, spam filters, and firewalls are up to date, properly configured, and secure
- Identify and suspend access of users exhibiting unusual activity
Another important point to mention about security — you can’t do it alone. You need experts who know how to deploy and mange cybersecurity solutions using best practices to protect your systems. You also need experts to monitor your systems 24/7 for suspicious activity.
If you are still running legacy systems like Windows 7, you must upgrade immediately as hackers are using this weak link to do serious damage. Contact ACE IT Solutions at 646.558.5575 or at firstname.lastname@example.org for help identifying and upgrading out-of-date systems that are exposing your network to hackers.