![]() ![]() ![]() The attack could enable an intruder to access files containing user names and passwords. The system is vulnerable to a “directory traversal attack,” a well-known technique among hackers, the alert said. The alert follows a Washington Post report Thursday that described Niagara and the vulnerabilities, which were discovered by two security specialists who work as “white hat” hackers, Billy Rios and Terry McCorkle. ![]() Change default user names and passwords.Lock out accounts that receive excessive invalid login attempts.“Disable the ‘guest’ and ‘demo’ user accounts if enabled,” says the alert, issued by the department’s Industrial Control Systems Cyber Emergency Response Team. In an alert issued Friday, cybersecurity officials said that Niagara users should immediately prohibit guest users, bolster passwords, cut off direct access to the Internet and take other steps to prevent hackers from exploiting configuration and software flaws. The software system known as the Niagara Framework enables corporate, military, health-care and other users to remotely control or monitor medical devices, elevators, video cameras, security systems and a wide array of other sensitive operations. The Department of Homeland Security on Friday warned that a popular system used by organizations around the world to manage millions of machines and devices over the Internet is vulnerable to attack from hackers.
0 Comments
Leave a Reply. |