Hacktivists have recently messed with industrial equipment at important sites, such as a water treatment plant and an energy site, according to Canada’s top cyber authority.
The Canadian Centre for Cyber Security sent out an alert on October 29 saying that it and the RCMP had received many reports in the past few weeks of people using industrial control systems that are connected to the internet to set off alarms and change process values.
The agency said that one incident involved messing with the water pressure at a local utility, which made service worse for the people who lived there.
Another case involved an oil and gas company, where someone messed with an automated tank gauge to make it read wrong.
A third incident at a grain drying silo changed the temperature and humidity settings in a way that could have made things unsafe if workers hadn’t stepped in.
The Cyber Centre said that hacktivists are using exposed control systems more and more to get attention and hurt businesses, and they told operators to report any suspicious activity.
The advisory brings attention to a long standing weak point for smaller utilities and farms, operational technology that runs for decades and security budgets that are lower than information technology budgets.
Even though the events described didn’t have terrible results, the warning comes at a time when industrial operators are already dealing with higher insurance costs, stricter regulations, and the cost of upgrading old systems.
Resilience planning is no longer just a way to protect publicly traded utilities and energy producers; it’s also a way to protect their balance sheets, as downtime risks, compliance exposure, and reputational damage are all at stake.
Operators should make a list of all the devices that can be reached from the open internet and get rid of any paths that aren’t needed.
The agency suggests using virtual private networks with multi-factor authentication, stricter monitoring, and regular penetration testing when remote access is needed.
The alert also asks provinces and territories to work with cities and organizations in areas where cyber oversight is lacking, such as water, food, and manufacturing.
Canada’s warning is also in line with a larger pattern of threats across North America.
CISA ordered emergency fixes for Cisco firewalls earlier this fall after zero day exploits put edge devices at risk. This is a reminder that gear that connects to the internet is often the first line of defence against deeper attacks.
More Read
Even though the reasons are different, the tradecraft is the same, look for weaknesses, act quickly, and turn small mistakes into big problems.
The agency’s request for tabletop exercises is meant to strengthen muscle memory for responding to situations like who has the power to stop a process, how to work with local police and the RCMP, and how to let customers know if service gets worse.
