Haal hi mei Israel ke pools mei technology infrastructure breach dekhne ko mila hai jo ki highlight karta hai ki sites ko secure krte time physical aspects se jyada dhyan dena padega.
Hacktivist group ‘GhostSec’ ne recently bragged kiya hai ki unhone ek unidentified hotel ke pool ke programmable logic controller (PLC) ko breached kiya hai jisse ki wo us site ke pH aur chlorine levels ko group control kar sakta hai.
Ek independent security firm (Otorio) ki post-breach report batati hai kis, “jab tak hume nhi pata chalta hai tab tk ye maan kr chalte hai ki breach krne ka attackers ka most likely aim yhi raha hoga ki unhe apni ability ko demonstrate krna tha ki wo water ke pH ko control kar sakte hai.” (Otorio.com)
Halaki, cyber-attack group ne breach ki details nhi provide ki hai, jaise ki hacke IP addresses ya phir affected systems ke data dumps Otorio ke researchers ne paaya hai ki vulnerabilities toh exist kar rhi thi jaise ki facility system ke result mei ‘basic security mechanisms jaise ki authentication aur encryption nhi include the unki technologies mei.’ (Otorio.com)
Is case mei, pool ke operators simply default passwords hi use krte hai jo ki system controllers vendor manual mei diya rahta hai.
Otorio ne informed kr diya hai Israel ke Cyber Emergency Response Team (CERT) ko is particular breach ke details ke bare mei aur authorities ke sath cooperate bhi kiya taaki ise quickly resolve kiya jaa sake.
According to Outpost24, GhostSec ek highly organized hacktivist group hai jo ki associated hai international network hacktivists Anonymous se. Is group ne Anonymous mei apni reputation 2015 mei ISIS ke against #opisis hacktivist initiative mei participate kar ke banai thi.