In the USA right now there is a lot of attention on a cyberattack in which an attacker successfully gained access to a water treatment plant’s network. The attacker made changes to chemical dosage settings, increasing them to extremely dangerous levels. The FBI has been investigating this attack, and on Tuesday sent out a Private Industry Notification (PIN) on the matter, specifically drawing attention to the desktop sharing software TeamViewer.
The FBI PIN specifically names TeamViewer after the app was confirmed as the attacker’s entry point into the Oldsmar water treatment plant’s network. According to a Reuters news report, officials confirmed that TeamViewer was used on two separate occasions to remotely connect to a computer on the water treatment plant’s network. During the second breach, the attacker took control of the mouse of an operator, who sat and watched it move on his monitor all by itself!
Since the attack, several cybersecurity experts have been quick to criticise organisations that make use of products such as TeamViewer for the purposes of remote work, calling them “insecure” and “inadequate” for managing sensitive and business-critical data and assets. In addition, the FBI said “Beyond its legitimate uses, TeamViewer allows cyber actors to exercise remote control over computer systems and drop files onto victim computers, making it functionally similar to Remote Access Trojans (RATs)”.
Do YOU use TeamViewer or similar products to facilitate remote working? If you have any concerns over how your remote workforce IT works, and whether it is secure and robust enough in today’s new way of working, please contact us to have a conversation about what you can do to make your business cyber secure.