Cyberattackers Make Waves in Hotel Swimming Pool Controls
Pool controllers exposed to the Internet with default passwords let threat actors tweak pool pH levels, and potentially more.
After the hacktivist group GhostSec bragged it had breached a hotel pool controller in Israel, a team of researchers decided to take a deep dive.
The cyberattack group didn't provide details about the operational technology (OT) breach, but researchers at Otorio found two Aegis II controllers exposed to the Internet with default passwords. The Aegis II controller is used to control the chemical concentration in water in locations such as pools.
Last week, GhostSec first claimed it breached 55 Berghof programmable logic controllers (PLCs) across Israel. On Sept. 10, the group claimed it had control over an unidentified hotel's pool water system.
GhostSec warned in a posted message that while it has control of the pool's pH and chlorine levels, it wasn't interested in using the access to harm innocent people. The threat actors simply wanted to demonstrate the kind of damage they could do, the post added.
"Our research found two pool controllers that could be affected," the Otorio report said. "While we do not know for certain, it appears that the most likely aim of the breach was for the attackers to demonstrate that they had the ability to control the water's pH in the hotel's pools as GhostSec's Telegram message alleged."
The researchers noted that the incident underscores the potential dangerous real-world implications of OT cyberattacks.
About the Author(s)
You May Also Like
Beyond Spam Filters and Firewalls: Preventing Business Email Compromises in the Modern Enterprise
April 30, 2024Key Findings from the State of AppSec Report 2024
May 7, 2024Is AI Identifying Threats to Your Network?
May 14, 2024Where and Why Threat Intelligence Makes Sense for Your Enterprise Security Strategy
May 15, 2024Safeguarding Political Campaigns: Defending Against Mass Phishing Attacks
May 16, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024