Hacktivists Increasingly Target Industrial Control Systems, Canada Cyber Centre Warns



Outlining real-world attacks against water, oil and gas, and agriculture industries, Canada’s Centre for Cyber Security highlights the growing risks of internet-exposed ICS devices.

Rising Threats to Critical Infrastructure

Canada’s Centre for Cyber Security (CCCS) has issued a stark warning to organizations managing industrial control systems (ICS), emphasizing the growing wave of hacktivist activity targeting critical sectors such as water utilities, oil and gas, and agriculture.

The agency’s latest alert cites real-world attacks where hackers exploited internet-exposed ICS devices, leading to disruptions and near-miss incidents that could have endangered public safety.

“While individual organizations may not be direct targets, many have become victims of opportunity as hacktivists exploit exposed systems to gain media attention and damage reputations,” the CCCS said.

Water Utilities Under Attack

In one incident, hackers accessed a water utility’s control system and tampered with water pressure values, affecting service to customers. This mirrors past attacks in the United States, including the 2023 Cyber Av3ngers breach at the Municipal Water Authority of Aliquippa, Pennsylvania, and the 2021 Oldsmar, Florida, incident, where an attacker attempted to alter chemical levels in drinking water.

Security experts have observed an uptick in cyberattacks on water utilities, many linked to threat groups supporting Iran, Russia, and China.

Oil and Gas Companies Face Tank Gauge Manipulation

The CCCS also detailed a case involving a Canadian oil and gas company whose automated tank gauge (ATG) was compromised. Attackers manipulated fuel level and pressure readings, triggering false alarms and creating potential safety risks.

ATGs are widely used to monitor fuel storage conditions at gas stations, power plants, airports, and military bases. Previous research has revealed that thousands of ATGs are directly accessible online without authentication, making them attractive targets for malicious actors.

Agriculture Sector Not Immune

A third attack targeted a Canadian farm, where hackers interfered with systems controlling temperature and humidity in a grain-drying silo. Had it gone undetected, the manipulation could have led to unsafe storage conditions and significant crop losses.

These incidents demonstrate that hacktivist activity is expanding beyond traditional targets, posing threats to sectors that directly impact food safety and human health.

Urgent Call for Secure Remote Management

The CCCS emphasized that while remote management of ICS devices is often necessary, organizations must avoid exposing control interfaces directly to the internet. Instead, they should implement secure, tested protocols — such as VPNs with multi-factor authentication (MFA) — for remote access.

This applies to various industrial systems, including:

  • Programmable Logic Controllers (PLCs)
  • Supervisory Control and Data Acquisition (SCADA)
  • Human-Machine Interfaces (HMIs)
  • Safety Instrumented Systems (SIS)
  • Building Management Systems (BMS)
  • Industrial IoT (IIoT) devices

“Provincial and territorial governments must coordinate with municipalities to ensure all systems are inventoried, documented, and protected,” the agency noted, stressing that many critical sectors — including water, food, and manufacturing — lack comprehensive cybersecurity oversight.

Expert Insight

The CCCS alert underscores the urgent need for stronger ICS cybersecurity frameworks, improved asset visibility, and continuous monitoring of operational technology (OT) environments. As hacktivists evolve their tactics, organizations can no longer rely on obscurity or outdated perimeter defenses.

By following best practices and government-issued guidance, critical infrastructure operators can significantly reduce exposure to opportunistic and targeted attacks.