Water sector cybersecurity is on the federal mind in 2024.

In early Dec. 2023, attackers linked to Iran infiltrated 11 separate water systems across the country through Unitronics servers. The attacks were made easier because many users had simple passwords like “1111” to connect to the internet, allowing the threat actors access.

Waterfront House. On Feb. 6, the House Committee on Homeland Security held a hearing on the threats to water systems’ operational technology and the potential danger to IT systems from that expanded threat surface.

Witness Dr. Charles Clancy, SVP and general manager of Mitre Labs, argued that while the government’s responses to cyberattacks on other infrastructure can often use proportionality in deciding how to target threats—citing sanctions against Iran as an example—attacks on the water sector are something else entirely, requiring a more robust response.

“We must think of these attacks in the same vein as a major natural disaster,” Clancy said. “Where the solution is not technology Band-Aids, but it’s more about procedures and people. We need to plan, practice, and be prepared to act.”

Read more here.—EH

Do you work in IT or have information about your IT department you want to share? Email [email protected].

Morning Brew’s unique community of young, hard-to-reach readers (that’s 22m+ monthly readers who are 1.7x more likely to have a household income of $150k+, to be exact) can give your B2B offerings the visibility you’re looking for.

B2B decision-makers, it’s crucial to get your business’s potential in front of the right s. That’s why the Brew’s paid advertising opportunities connect your brand to our audience by leveraging our popular B2B-centric franchise newsletters, specialized events, and skyrocketing collection of multimedia content.

Morning Brew is powered by the knowledge you need. From Marketing Brew’s trending insights to CFO Brew’s timely updates, we’ve got a B2B Brew for you. Choose yours to grow with.

It sounds like a horror movie, but researchers from Technion–Israel Institute of Technology, Intuit, and Cornell Tech expect a future of AI-powered worms.

In a demo and study they shared exclusively with Wired, team members Ben Nassi, Stav Cohen, and Ron Bitton used an “adversarial self-replicating prompt” to copy itself to the connected parts of a generative AI ecosystem—potentially stealing data and/or sending spam as it crept and crawled. Like the computer worms of old, the recent “zero-click” demo has the potential to hit plenty of unprepared end-users.

“It basically means that now you have the ability to conduct or to perform a new kind of cyberattack that hasn't been seen before,” Nassi told Wired.

Oh, great. Another reboot from the ’80s. The worm, dubbed Morris II, is named after its predecessor computer worm from 1988. That version (the OG Morris!) spread to about 6,000 of 60,000 networked devices. The 2024 reboot targets connected chatbots, virtual assistants, and other connected generative AI-powered agents.

Read more here.—BH

Do you work in IT or have information about your IT department you want to share? Email [email protected].

Time flies, and so does IT news across the globe. IT Brew rounded up three of the most interesting international tech news stories in the last month.

NSO Group must give up Pegasus code

Israeli cyber-espionage firm NSO Group must give WhatsApp access to source code for its Pegasus spyware, a US district court judge ruled.

NSO has earned a dubious reputation after media organizations and nonprofits like the University of Toronto’s Citizen Lab repeatedly flagged Pegasus’s use by authoritarian governments to attack journalists, activists, and others. In 2019, WhatsApp owner Facebook (now Meta) sued NSO after concluding that the firm had exploited a vulnerability in the chat app to infect over 1,400 phones with malware.

According to TechRadar, US District Court Judge Phyllis Hamilton ruled that WhatsApp was entitled to “information concerning the full functionality of the relevant spyware,” granting it access to source code for Pegasus and other malware from April 2018 to May 2020. The order allows NSO Group to keep the identities of clients and other data like server architectures confidential.

Keep reading here.—TM

Do you work in IT or have information about your IT department you want to share? Email [email protected]. Want to go encrypted? Ask Tom for his Signal.