Vulnerabilities related to the exposure of passwords can pose a significant risk to industrial control systems (ICS) and other types of operational technology (OT). Threat actors exploiting weak or default passwords to conduct attacks aimed at ICS systems are a reality. In addition to default passwords, software vulnerabilities that can allow attackers to obtain a product’s password can also pose a significant risk to organizations. “Encryption, VPN, changing default passwords, and, of course, multi-factor authentication are all security best practices that are imperative to deploy in industrial environments,” Seara, the CEO and founder at DeNexus, said.

Read more: https://www.securityweek.com/prevalence-and-impact-of-password-exposure-vulnerabilities-in-ics-ot/