“Be on the lookout” for hackers who exploit remote access software and outdated operating systems – and to take risk mitigation steps. “
Following the hacking of a Florida water treatment plant in 2021, the Cybersecurity and Infrastructure Security Agency (CISA) issued a warning to the operators of other plants.
Is this good advice? Yes. Is this practical advice? Hmmm…Understaffed water, power and transportation organization with limited resources, lack of knowledge and sparse security measures in place to combat the current threat landscape could be running a bit behind. “To be on the lookout” for sophisticated nation state threat actors is a daunting task to say the least, even with the latest threat detection and response solutions in place.
According to Michael Arceneaux, managing director of the Water Information Sharing and Analysis Center, a Washington, D.C.-based group, Water utilities that don’t have the resources and need technical training and help setting up secure systems, selecting software and hardware, and operating the technology.
CISA also warned that water treatment facilities that use unsecured or poorly configured remote access tools and outdated operating systems risk hacker attacks targeting their industrial control systems and SCADA systems
“Upgrading to an operating system newer than Windows 7 and securing TeamViewer are good recommendations not only for other organizations with ICS and SCADA but also for any organization in any industry that uses them."
Shodan.io is often called one of the scariest search engine on the internet. Why? Shodan searches have discovered control systems for a water park, a command and control systems for nuclear power plants and other critical connected systems . Its easy for anyone to search for “default password” and it reveals countless printers, servers and system control devices that use “admin” as their user name and “1234” as a password, and not surprising many more connected systems require no credentials at all — all you need to discover this information is a web browser.
Reviewing top vulnerabilities that expose ICS/SCADA systems, Microsoft/ Cyberx 2019 Analysis of 1,821 IoT ICS networks yielded the following findings:
62% of sites have outdated and unsupported Microsoft Windows boxes such as Windows XP and Windows 2000, which means they no longer receive security patches from Microsoft. The figure jumps to 71% if we include Windows 7, which reaches end-of-support status in January 2020.
Nearly two-thirds of Operators (64%) have unencrypted passwords traversing across their networks — with more than half (54%) incorporating devices that are remotely accessible via standard remote management protocols such as Remote Desktop Protocol (RDP), SSH and VNC — making it fairly easy for bad actors to pivot undetected from a single compromised system.
As noted above, 54% of sites have devices that can be remotely accessed using standard protocols such as RDP, SSH, and VNC. A common attack vectors for ransomware is RDP, that enable attackers gain access by stealing remote access credentials through phishing attacks, social engineering or even basic brute force attacks. Remote access enables attackers to move laterally from IT to OT networks silently expanding their presence and potential damage throughout networks.
More than a quarter (27%) of sites analyzed have direct connections to the internet, making them potential targets of malware, targeted attacks, and even simple phishing attacks. Penetration Testers and malicious hackers both know that it takes only one internet-connected device to provide that gateway into a IoT/ICS network.
Critical infrastructures is an umbrella term for government assets that are essential in our health, jobs and the overall quality of our lives. There are main sectors such as:
• Dams Sector
• Chemical Sector
• Communications Sector
• Energy Sector
• Defense Industrial Base Sector
• Emergency Services Sector
• Critical Manufacturing Sector
• Commercial Facilities Sector
Examples of a critical infrastructure are roadways, railways, bridges, tunnels, clean water flow and overall, every day-to-day transportation which allows us to get to work, home and the grocery store down the street.
Other examples include:
• Communications
• Water dams
• Emergency services such as 911
• Nuclear Reactors, materials and waste
• Energy
• Finance
“The U.S. grid’s distribution systems—which carry electricity from transmission systems to consumers and are regulated primarily by states—are increasingly at risk from cyberattacks. Distribution systems are growing more vulnerable, in part because of industrial control systems’ increasing connectivity. As a result, threat actors can use multiple techniques to access those systems and potentially disrupt operations.” GAO
Legacy systems need to be tested and vulnerabilities need to be identified, quickly. Cyber Threats are increasing and bad actors have momentum on their side. Redbot Security has seen first hand the lack of security within Critical Infrastructure networks along with the lack of knowledge operators of these systems have.
If you are looking to find exploitable vulnerabilities on your OT/IT networks, Manual Controlled Penetration Testing (MCPT) is an easy to execute cost effective solution.
With Redbot Security you get reports written by experts that highlight key data and exactly how targets were compromised as well as recommendations on best practices along with complete review of remediation recommendations.
Redbot Security’s MCPT is a complete service provided by our team of ICS/SCADA experts to ensure that vulnerabilities are minimized and that your defenses are running in top shape by offering the following:
Redbot Security’s hybrid approach to penetration testing sources industry-leading frameworks and combines senior-level talent with over 20 years of experience to tailor all client engagements. Some frameworks and testing guides leveraged by Redbot Security include:
• NIST Special Publication 800-115
• PCI Penetration Testing Guide
• Open Web Application Security Project
• OWASP WSTGv4
• OWASP Top 10 Lists
• OWASP Security Projects
• Pentation Testing Execution Standard (PTES)
• Open Source Security Testing Methodology Manual (OSSTMM)
• Information Systems Security Assessment Framework (ISSAF)
• MITRE ATT&CK Framework
Redbot Security – MCPT® is a controlled assessment of Networks and applications – safely identifying and validating real world vulnerabilities that are potentially exploitable. MCPT removes false positives – creating detailed remediation steps – resolving network and application security issues quickly.
Senior Level Personnel within Redbot Security’s combined Penetration Testing Team certifications:
Amazon Web Services Cloud Practitioner, CompTIA A+ CISSP, Certified Cloudera Administrator for Hadoop (CCAH), Certified Ethical Hacker (CEH), Cisco Certified Network Associate (CCNA), GIAC CompTIA Linux+, Marine Corp Red Team Operator, Metasploit Professional, Certified Specialist Nexpose, Certified Administrator (NCA,) Microsoft Certified Professional (MCP), CompTIA Network+, CompTIA IT, Operations Specialist (CIOS), CompTIA Secure Infrastructure Specialist (CSIS), Offensive Security Certified Professional (OSCP), GIAC Certified Penetration Tester (GPEN), Metasploit Professional, Certified Specialist Rapid7, Advanced Vulnerability Manager Rapid7, Network Assault Certified Rapid7, Application Assault Certified, GIAC Exploit Researcher, Advanced Penetration Tester (GXPN), GIAC Mobile Device Security Analyst (GMOB), GIAC Advanced Smartphone Forensics (GASF), GIAC Reverse Engineering Malware (GREM), GIAC Network Forensics Analyst (GNFA), GIAC Certified Intrusion Analyst (GCFA), GIAC Certified Forensic Examiner (GCFE), GIAC Security Essentials (GSEC), Portswigger Burpsuite Certified Practitioner, Cisco Certified Network Associate (CCNA), Cisco Certified Network Associate-wireless, CompTIA Network+, US Navy Joint Cyber Analyst Course (JCAC)
Our expert team will help scope your project and provide a fast and accurate project estimate.
Contact Redbot Security
While penetration testing is valuable in identifying technical vulnerabilities, red teaming provides a more holistic assessment by simulating realistic threat scenarios. By embracing red teaming, organizations can bolster their defenses, uncover weaknesses, and stay one step ahead of sophisticated adversaries.
Becoming proficient in Operational Technology (OT), Industrial Control Systems (ICS), and Supervisory Control and Data Acquisition (SCADA) network testing can appear daunting as there are fewer learning resources.
Today, cybercriminals have plenty of entry points to exploit. Therefore, it has become crucial for organizations to improve their attack surface visibility to have more effective protection. This is where attack surface management (ASM) comes into play. This article will explore all about attack surface management (ASM), including its importance, working principle, and benefits.
Cybercriminals are ditching malware and exploiting trusted tools already inside your systems. Learn how Living off the Land (LotL) attacks work, and how to stop them.
From API-server exploits to supply-chain threats, this checklist shows how the best penetration testing companies harden Kubernetes. Boost resilience now.
The FBI released its FY 2024 IC3 Annual Report on April 24, 2025, detailing 859,532 complaints and a record $16.6 billion in losses. In this post, we highlight how phishing, BEC, and cryptocurrency fraud continue to surge, why ransomware remains a top threat to critical infrastructure, and which demographics are most at risk. Plus, discover Redbot Security’s proven strategies,from manual penetration testing to red teaming, that can help you turn IC3 data into actionable defenses.
Malicious actors prey on weak configurations like locusts. Microsoft, despite knowing that their operating systems, have inherent weaknesses have done little to enhance their initial security outside of remediation for publicly known vulnerabilities.
The following article is a discussion about helping you to best utilize your military skills to successfully transition into the commercial space.
The following article is a discussion that explores JavaScript Web Tokens
The following article is a discussion that explores Wave Behaviors to Locate Wireless Access Points and Devices
Should an Employee Report Security Incidents Involving Family Members? Is your business or job at risk if a bad actor gets access to your family. Will they gain access to you?
The likelihood of a cyber attack on a mobile platform is significantly high, but how difficult is it for a malicious actor to generate malware? You might be surprised.
Insecure Direct Object Reference (IDOR) vulnerabilities pose a significant risk to the security of web applications, allowing attackers unauthorized access to sensitive data and functionalities. By understanding the implications of IDOR and adopting secure coding practices, web developers can protect their applications and users from potential exploitation.
Mass Assignment Vulnerability occurs when a web application allows users to submit a more extensive set of data than is intended or safe. The potential consequences of this vulnerability can be severe
Attackers can manipulate the serialized data to execute malicious code, compromise the application, or gain unauthorized access.
Kerberos Authentication Service Response (AS-REP) Roasting, a technique similar to Kerberoasting, has gained prominence as a method for attackers to compromise Active Directory (AD) authentication systems.
Machine Learning (ML) is a subset of AI, and, more than likely, closely aligns with what we consider to be AI in the media.
Recent reports of significant cybersecurity layoffs in the United States have raised concerns about the nation’s preparedness to defend against cyber threats
While plenty of articles cover the Modbus protocol with varying degrees of detail and usage, this article aims to examine the Modbus protocol with an offensive security lens.
What is an API? APIs, including local and remote, come in various forms and are fundamental to modern software development. They serve as the bridge between different software components, enabling them to work together seamlessly.
Active Directory Certificate Services (AD CS) presents various security risks for organizations. This article will help you understand a Relay Attack.
Client-side desyncs are a class of browser-powered HTTP smuggling attacks. What you need to know and how to prevent a malicious actor from taking advantage of this vulnerability.
As a Senior Penetration Tester, I’ve witnessed firsthand how OSINT can be the linchpin in the security posture of an organization.
Through repeated random sampling, allows us to simulate a wide array of social engineering attacks with a depth and breadth previously unimaginable.
Is your security team sharing sensitive data unknowingly?
Our nation is under attack and overwhelmed. Modern Security teams face numerous challenges in managing network and application security effectively.
Our nation is under attack and overwhelmed. Modern Security teams face numerous challenges in managing network and application security effectively.
Increasingly, investors see proactive cybersecurity spending as a hallmark of strong corporate governance. It can be factored into how they value a company’s resilience and risk profile
With data breaches surging by 68% last year alone, cybersecurity has evolved from a low-key technical matter into a defining issue demanding top-level attention.
Cymbiotic Hive: The Simple, Rapid-Deployment Solution to Access Management
Redbot Security’s senior-level cloud security team brings years of expertise in AWS, GCP, and Azure security. Our approach is rooted in manual-controlled testing and deep-dive security analysis, ensuring that we uncover hidden vulnerabilities that automated tools often miss.
Internal network penetration testing is essential for identifying security gaps within an organization’s infrastructure. Attackers exploit misconfigured permissions, weak credentials, and unpatched vulnerabilities to escalate privileges and move laterally within networks. A thorough penetration test helps uncover these risks before they are exploited, ensuring stronger security controls, improved access management, and compliance with industry standards. Redbot Security’s expert-led penetration testing provides in-depth assessments to fortify your internal network against evolving threats.
Understanding NIST 800 and Its Impact on Penetration Testing Requirements.
From pipelines and water systems to power grids and transit networks, U.S. critical infrastructure is under siege. With CISA budget slashed, is a national cyber disaster inevitable?
Check out the latest cybersecurity news around the globe
Cymbiotic will provide unparalleled security insight with the ability to manage teams, clients, on-demand testing with rapid internal VM deployment […]
From this week, the global technology industry has a new database to check for the latest software […]
In a move that may redefine how the US government communicates cyber threats to the public and […]
Die Kernaussage der EIC Conference 2025: IAM ist ein ganzheitlicher Architekturansatz und kein […]
loading="lazy" width="400px">So sehen Siegerinnen und Sieger aus. Die Gewinnerinnen und Gewinner […]
Volker Buß joined the German multinational science and technology company Merck Group in 2021. […]
Our expert team will help scope your project and provide a fast and accurate project estimate.
Contact Redbot Security
Redbot Social