A public utility in the U.S. was compromised after attackers took advantage of a weak password security system, according to a U.S. Department of Homeland Security team that studies cyberattacks against critical infrastructure.
The utility's control system was accessible via Internet-facing hosts and used a simple password system, wrote the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) in a report on incidents covering the first quarter of this year.

The link for this article located at Network World is no longer available.