The US Cybersecurity and Infrastructure Security Agency (CISA) has urged manufacturers to stop using default passwords on internet-exposed systems due to the threat posed by malicious actors. The organization highlighted a recent incident in which Iranian threat actors used default passwords to gain access to critical systems. Since default passwords are regularly identical across a vendor’s product line and publicly documented, they can easily be exploited by threat actors.
- CISA recommends manufacturers apply secure by design principles, such as providing unique setup passwords or disabling default passwords after a set period.
- Enabling phishing-resistant multi-factor authentication methods and performing field tests to comprehend consumer product deployment are also suggested measures by CISA.
- The organization joined forces with the FBI, NSA, Polish Military Counterintelligence Service, CERT Polska, and the UK’s National Cyber Security Centre to release an advisory warning of Russian Foreign Intelligence Service-related threats exploiting CVE-2023-42793 “at a large scale”.
- The NSA, Office of the Director of National Intelligence (ODNI), and CISA have jointly published practices to improve software supply chain security and management of open-source software.
Ahead of Western elections in 2024, the agencies anticipate a rise in cyberattacks. Additionally, the UK has accused Russia’s Security Service, the FSB, of conducting a ongoing cyber-hacking campaign against politicians and public figures.
The warning from CISA is a critical reminder for organizations to maintain up-to-date security practices and mitigate the risks of potential exploits and cyberattacks.