Public utility compromised after brute-force hack attack, says Homeland Security

Event Year: 2014 Reliability: Confirmed
Country: United States
Industry Type: Power and Utilities

Hackers took advantage of a weak password security system at a public utility in the U.S. which has not been identified.


At the time of the attack, mechanical devices were disconnected from the control system for scheduled maintenance, so no actual damaged had been done to the system or equipment.

Action Description: ICS-CERT was able to work with the affected entity to put in place mitigation strategies and ensure the security of their control systems before there was any impact to operations.