(TLP:CLEAR) Remediate Password Reuse, Password Attacks Rampant Among Utilities

Summary: In a recent article, Cloudflare brings awareness to the rampant issue of reusing passwords. According to Cloudflare, based on “observed traffic between September – November 2024, 41% of successful logins across websites protected by Cloudflare involve compromised passwords.”

Analyst Note: As WaterISAC is aware of excessive password attacks among water utilities, being reported in the most recent WaterISAC quarterly incident survey (the incident report is yet to be published), there is a significant need to remediate this issue in the water sector. Perhaps the best way to approach this problem is through user awareness training and using password managers. While password managers aren’t perfect, they are certainly better than not using one, let alone reusing passwords that have likely been compromised. It’s also a good idea to check have i been pwned?, the largest database of compromised credentials that incorporates data from the largest data breaches, to see if organizational credentials have been compromised.

Original Source: https://blog.cloudflare.com/password-reuse-rampant-half-user-logins-compromised/

Additional Reading:

• Threat Awareness – (TLP:AMBER) Citrix NetScaler Password Spray Attack Observed in Energy and Water Sectors
• Threat Awareness – Surge in Password Reset Attacks Fuels Fraud and Account Takeovers

Mitigation Recommendations:

• Password managers: using browsers and apps to safely store your passwords
• Are password managers safe in 2025?

Related WaterISAC PIRs: 6, 10, 12