Iranian hackers are responding to the recent Iran-U.S. war with cyber attacks on critical American infrastructure, using vulnerabilities in systems used at water and energy companies, the U.S. has warned. The warning, released by the Cybersecurity and Infrastructure Security Agency this week, suggests that the Iranian attacks are focused on “internet-facing operational technology,” specifically programmable logic controllers, which allow them to gain a foothold and to cause disruption.
The CISA is now advising that affected organizations should begin to “urgently review” the guidance and to remove potentially exploitable controllers, specifically those made by Rockwell Automation and Allen-Bradley, from “direct internet exposure” using secure gateways and firewalls. The guidance also recommends auditing access logs for suspicious traffic across several ports, particularly 44818, 2222, 102, and 502.
Article continues below
As CISA’s past guidance shows, cyber attacks from nations such as Iran, Russia, and North Korea are hardly new phenomena. In an era of ever-growing global insecurity, this CISA alert is a timely reminder for those involved in protecting critical infrastructure to harden their systems because, when you’re connected to the internet, every connected system is suddenly at risk to hackers living thousands of miles away.
Follow Tom’s Hardware on Google News, or add us as a preferred source, to get our latest news, analysis, & reviews in your feeds.
