OT/ICS Awareness – Password Attacks Observed on SCADA Network VPN Web Clients

Information has been shared with WaterISAC regarding password attack activity targeting SCADA networks of a water sector entity. The entity has reported suspicious activity where their SCADA networks were targeted by cyber attackers. A number of accounts within their SCADA network became temporarily inaccessible due to a vulnerability that allowed access to a VPN portal login page, allowing attackers to conduct password attacks against the accounts on the SCADA network. WaterISAC is sharing this TLP:CLEAR report for member awareness of targeted attacks in the water sector.

Information has been shared with WaterISAC regarding password attack activity targeting SCADA networks of a water sector entity. The entity has reported suspicious activity where their SCADA networks were targeted by cyber attackers. A number of accounts within their SCADA network became temporarily inaccessible due to a vulnerability that allowed access to a VPN portal login page, allowing attackers to conduct password attacks against the accounts on the SCADA network. WaterISAC is sharing this TLP:CLEAR report for member awareness of targeted attacks in the water sector.