Zombie user account let hackers control the city’s water
Summary
A former employee's dormant user account was exploited by hackers to gain control of a city's water systems. This breach highlights the critical importance of promptly disabling accounts for departed employees.
IFF Assessment
FOE
The exploitation of a dormant account leading to control of critical infrastructure is a significant security failure.
Defender Context
This incident underscores the persistent threat posed by 'zombie' or orphaned accounts. Defenders must prioritize robust identity and access management (IAM) policies, including immediate deprovisioning of user accounts upon employee termination, to prevent unauthorized access and potential system compromise.