Plaintext passwords, shared admin accounts, and insufficient logging rampant at mystery org


CISA is using the findings from a recent probe of an unidentified critical infrastructure organization to warn about the dangers of getting cybersecurity seriously wrong.

The US cybersecurity agency, along with experts from the US Coast Guard (USCG), identified myriad weaknesses in the mystery organization's approach to security, including storing credentials in plaintext.

Threat hunters did not find any signs of foul play, nor any malicious activity on the network, but published an extensive report of their findings on Thursday, highlighting risks such as:

  • Insufficient logging
  • Insecurely-stored credentials
  • Shared local admin credentials across many workstations
  • Unrestricted remote access for local admin accounts
  • Insufficient network segmentation configuration between IT and operational technology assets
  • Device misconfigurations

CISA's report did not explicitly state that the critical infrastructure organization in question operated in the marine industry. However, the fact that it collaborated with the USCG, and that many of its findings overlapped ...


Copyright of this story solely belongs to theregister.co.uk.