Factory Default Passwords Put Critical Infrastructure At Risk
Stressing the importance of account password management and changing factory defaults
Recently discovered weaknesses in a widely used router may leave critical infrastructure vulnerable to invasion. With this flaw, a guest or other unprivileged user account could easily obtain the privileges of an administrator account, possibly taking control of switches, applications, and any other industrial controls connected to the device. All of this is possible through a “factory account” with a default password which makers GarrettCom failed to remove or alter before distribution.
An advisory recommendation has been issued by the Industrial Control Systems Cyber Emergency Response Team which urges owners of the devices to install a security patch which permanently locks the troublesome factory account.
Though it appears the Trojan account comes only with these specialized routers, this article reminds us of the need to always review documentation for default passwords and change them. If this is not a standard procedure whenever you deploy new technology (and a standard vulnerability in your drill-down risk assessments!) you are eventually going to be at-risk not because of a patch issue or a user issue, but because of a configuration issue.
Original article by Dan Goodin
Read the full article here.
Leave a comment
We have recently made a significant change to our Incident Response Policy regarding Read more
Even if you haven’t ever used Facebook, your friends and family may have already let Read more
Just in time for the next round of SOC reviews, we’ve reviewed and updated our metric Read more
Another awareness poster for YOUR customers (and users). Now that we have our own em Read more