Mounting hacktivist attacks compromise Canadian critical infrastructure

BleepingComputer reports that online industrial control systems in critical infrastructure organizations across Canada were noted by the Canadian Centre of Cyber Security to have been subjected to intensified hacktivist intrusions.

Threat actors who targeted a water facility meddled with water pressure values, resulting in a disrupted water supply, while the manipulation of an oil and gas firm's Automated Tank Gauge led to false alarms. Moreover, a Canadian farm's grain drying silo had its temperature and humidity levels tampered with following an attack, according to Canadian authorities, who noted that the opportunistic intrusions sought to impede trust.

Organizations have been urged by authorities to immediately evaluate and secure all internet-exposed ICS devices, harness VPNs with two-factor authentication and vulnerability management capabilities, perform penetration testing, and adhere to released cybersecurity guidelines, as well as promptly report suspicious network activity. Such a development comes after a water facility honeypot was targeted by pro-Russian hacktivist group TwoNet.