Hackers Fail To Contaminate Florida Water

Uploaded on 2021-02-19 in TECHNOLOGY--Hackers, FREE TO VIEW, BUSINESS-Production-Utilities

Hackers broke into the computer system of a facility that treats water for about 15,000 people near Tampa, Florida and sought to add a dangerous level of additive to the water supply, the Pinellas County Sheriff saysThe criminals infiltrated a treatment plant and boosted Sodium Hydroxide to dangerous levels. The attack occurred 20 miles from the site of the Super Bowl, two days before the game was to be played.

The initial attempt was thwarted. The hackers remotely gained access to a software program, named TeamViewer, on the computer of an employee at the facility for the town of Oldsmar to gain control of other systems. The affected water treatment facility is a public utility owned by the town of Oldsmar (15,000 inhabitants) which has its own internal IT team. 

The incident took place over the course of the day, with hackers first infiltrating the Oldsmar water treatment plant. The hackers then increased the amount of sodium hydroxide being distributed into the water supply. The chemical is typically used in small amounts to control the acidity of water, but at higher levels is dangerous to consume. 

TeamViewer is a widely used software application that allows easy access to machines remotely from anywhere, and is often used for remote IT troubleshooting  and technical assistance. “The guy was sitting there monitoring the computer as he’s supposed to and all of a sudden he sees a window pop up that the computer has been accessed... The next thing you know someone is dragging the mouse and clicking around and opening programs and manipulating the system.” said the Sheriff. Team Viewer  has been installed on 2.5 billion devices worldwide, enables remote technical support among other applications.

The plant employee alerted his employer, who called the Sheriff and the water treatment facility was able to quickly reverse the command, leading to minimal impact.

The leading cybersecurity firm Fireweed attributed an increase in hacking attempts it has seen in the last year mostly to novices seeking to learn about remotely accessible industrial systems.Many victims appear to have been selected arbitrarily and no serious damage was caused in any of the cases – in part because of safety mechanisms and professional monitoring, Fireweed analyst Daniel Appellant Zara said in a statement. “While the (Oldsmar) incident does not appear to be particularly complex, it highlights the need to strengthen the cybersecurity capabilities across the water and wastewater industry,” he said.

It is not known if the hack was done from within the US and  his latest attack in Florida will do nothing to calm cyber security experts who've been warning for years that critical national infrastructure facilities are being targeted. Water, electricity, nuclear plants and transport are being probed for weaknesses all the time not just because of the potential for mass disruption but also because they are often running on obsolete and vulnerable IT systems.  

Reuters:       Al Jazeera:         CNet:      USNews:           BBC:         ITPro:        

You Might Also Read: 

Iran Fingered For Attack On Israeli Water Infrastructure:

 

« France Responds To Cyber Attacks
Cyber Security Insights For Executives »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Covenco

Covenco

Covenco is a data management and IT infrastructure specialist. Working with customers to transform their IT environments, with data protection and security at the forefront of everything we do.

D3 Security

D3 Security

D3's Smart SOAR platform is at the forefront of the security automation revolution, helping clients around the world to rapidly identify, analyze, and resolve advanced threats.

Alsid

Alsid

Alsid helps corporates to anticipate attacks by detecting breaches before hackers can exploit them.

Kratikal

Kratikal

Kratikal provides a complete suite of manual and automated security testing services.

FraudWatch International

FraudWatch International

FraudWatch has been protecting client brands around the world since 2003, and are the leaders in online brand protection from phishing, malware, social media and mobile apps impersonation.

Tokio Marine HCC

Tokio Marine HCC

Tokio Marine HCC is a leading specialty insurance group with a Financial and Professional product line including Tech and Cyber.

InfoLock

InfoLock

Infolock are experts in data governance, providing consulting and advisory services that help organizations effectively secure, manage, and optimize their data.

Aversafe

Aversafe

Aversafe provides individuals, employers and certificate issuers around the world with a first line of defense against credential fraud.

Apptega

Apptega

Apptega is an award-Winning Cybersecurity and Compliance Platform. Our mission is to make cybersecurity and compliance easy for everyone.

Paradyn

Paradyn

Paradyn-managed security services can provide a holistic view of your business environment, no matter how simple or complex it is.

Bitdefender

Bitdefender

Bitdefender is a cybersecurity leader delivering best-in-class threat prevention, detection, and response solutions worldwide.

ReachOut Technology

ReachOut Technology

ReachOut is a transformative approach to IT Security, Support, and Guidance. But we’re more than that. We’re passionate IT experts driven to make solutions to your problems.

Cura Technology

Cura Technology

Cura Technology offers a wide array of security solutions meticulously designed to address specific facets of your security requirements.

Pvotal Technologies

Pvotal Technologies

Pvotal Technologies engineer complex, automated processes aligned with best AIOps, BizDevOps, DevSecOps, CloudOps, and ITOps practices.

NetSentries Technologies

NetSentries Technologies

NetSentries provide smart cybersecurity solutions and services to protect Governments, Enterprise and Individuals from threats through a comprehensive range of protocols, products and services.

Slide

Slide

Slide is a modern, security-first Business Continuity & Disaster Recovery (BCDR) company built exclusively for Managed Service Providers.