The UK’s National Cyber Security Centre (NCSC) and the US partner, the Cybersecurity and Infrastructure Security Agency (CISA), have issued a warning about the evolving threat from Russia-backed hacktivist groups targeting critical national infrastructure (CNI). These groups have recently been targeting vulnerable industrial control systems in both Europe and North America, causing physical disruptions in the US. The hacktivists have been tampering with water and wastewater systems, resulting in equipment malfunctions and overflow events. They have exploited vulnerabilities in the virtual network computing (VNC) protocol to gain access to these systems. The NCSC urges all CNI operators to enhance their defenses and follow mitigation advice to protect against future attacks. These hacktivist groups, though less sophisticated than state-backed threat groups, are considered dangerous due to their lack of oversight, resulting in broader targeting and disruptive effects. They are increasingly interested in achieving a more destructive impact on CNI organizations. The NCSC and CISA recommend immediate action, including the implementation of secure system administration, strengthening remote access, and updating access policies to mitigate the risk of future attacks.
Menu
