Hacktivist Group GhostSec Compromises 55 Berghof PLCs Across Israel
Sep 12, 2022
A hacktivist collective called GhostSec has claimed credit for compromising as many as 55 Berghof programmable logic controllers ( PLCs ) used by Israeli organizations as part of a "Free Palestine" campaign. Industrial cybersecurity firm OTORIO, which dug deeper into the incident, said the breach was made possible owing to the fact that the PLCs were accessible through the Internet and were secured by trivially guessable credentials. Details of the compromise first came to light on September 4 after GhostSec shared a video on its Telegram channel demonstrating a successful login to the PLC's admin panel, in addition to dumping data from the hacked controllers. The Israeli company said the system dumps and screenshots were exported directly from the admin panel following unauthorized access to the controllers through their public IP addresses. GhostSec (aka Ghost Security), first identified in 2015, is a self-proclaimed vigilante group that was initially formed