Pulse of Truth

451 readers

71 users here now

Cyber Security news and links to cyber security stories that could make you go hmmm. The content is exactly as it is consumed through RSS feeds and wont be edited (except for the occasional encoding errors).

This community is automagically fed by an instance of Dittybopper.

founded 1 year ago

MODERATORS

[email protected]

Water Supplier American Water Works Says Hackers Breached System (www.bloomberg.com)

submitted 1 week ago by [email protected] to c/[email protected]

1 comments fedilink hide all child comments

American Water Works Co. Inc., which supplies drinking water and wastewater services to more than 14 million people, said hackers had breached its computer networks and systems.

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 2 points 1 week ago* (last edited 1 week ago)

Why the hell is there any path from the internet to any system?

Layers, and layers, and proper isolation with proper 2FA.

Just yesterday I got a notification from my 2FA about someone trying to login to a system I work on. Since I didn't know of any scheduled work, I was justifiably concerned, but only a little, since 2FA was blocking them.

Turns out it was a coworker who needed to check something, and was having issues with 2FA.

We can't directly access any of the secure systems from outside - we have to VPN in (2FA), then hit an RDP/SSH server (another 2FA) that gives us control over the more secure systems. No other network traffic is permitted between the secure network and the regular corporate (workstation) network.