That critical infrastructure is increasingly eyed by sophisticated cybercriminals, and that its security posture requires urgent attention to thwart rising targeted attacks, was brought to the fore yet again when a hacker accessed a water management facility a few days ago.
The incident is still in the news because it was not a typical data breach attempt; it was more deadly in nature. The hacker accessed a water management system through remote desktop software installed on a computer inside the facility. This software allowed authorized end-users to troubleshoot water management systems remotely.
Had the hacker succeeded in executing the attack, the water in the targeted city would have been contaminated by a very high concentration of sodium hydroxide. Fortunately, the authorities detected the unauthorized access early and stopped its execution.
While investigations are under way to find out where this attack originated, the question we would like to discuss is this: are utility service providers doing enough to protect endpoint privileges?
Indeed, in such cyber-attacks, the hacker will typically search for endpoint privileges to illegitimately access software and applications. Worse, once inside the network perimeter, cyber-attackers can also move laterally; and if mission-critical systems have always-on privileges, the attack is imminent.
To substantiate our point: in this incident the attacker could easily get administrative access to the water management software and change the instructions. Endpoint privilege management can prevent these types of attacks.
ARCON | Endpoint Privilege Management (EPM) was developed with the rising complexities of remote users in mind. ARCON | EPM enables the security and risk assessment team to implement a centralized policy engine to regulate and govern all endpoint privileges. The solution offers seamless helpdesk integration. Any on-boarded user in the network can request that the Administrator grant an endpoint privilege to access a particular application. Based on the user's role and responsibility, the Administrator then grants a just-in-time endpoint privilege. After the privileged activity is completed, the elevated privilege is revoked. (Please download our EPM brochure and request a demo for more details.)
Targeted attacks on mission-critical systems are increasing. Threat detection and risk mitigation teams must deploy Endpoint Privilege Management.