Government agencies have issued warnings about a series of cyber attacks by pro-Russia hackers targeting industrial control systems (ICS) in North America and Europe, resulting in physical disruptions like overflowing water tanks. The U.S
Cybersecurity and Infrastructure Security Agency (CISA) advised critical infrastructure operators to enhance defenses against these attacks, which are exploiting vulnerabilities in outdated remote access software and weak passwords on human machine interfaces (HMIs). While the attacks were labeled as unsophisticated, they highlight the potential physical risks posed by insecure operational technology (OT) environments. A group named CyberArmyofRussia_Reborn, linked to the Sandworm threat group, claimed responsibility for attacks in Indiana and Texas, emphasizing the need to strengthen cybersecurity measures in critical infrastructure sectors. CISA recommended immediate actions for potential targets, including securing HMIs, reducing OT system exposure to the internet, using strong passwords, and implementing multifactor authentication. Apart from Russia-linked threats, hackers from China and Iran have also targeted U.S. facilities, with Chinese cyberattacks on critical infrastructure seen as a major national security concern. https://www.scmagazine.com/news/pro-russia-hackers-target-ot-weaknesses-in-critical-infrastructure