Hackers Fail To Contaminate Florida Water

Uploaded on 2021-02-19 in TECHNOLOGY--Hackers, FREE TO VIEW, BUSINESS-Production-Utilities

Hackers broke into the computer system of a facility that treats water for about 15,000 people near Tampa, Florida and sought to add a dangerous level of additive to the water supply, the Pinellas County Sheriff saysThe criminals infiltrated a treatment plant and boosted Sodium Hydroxide to dangerous levels. The attack occurred 20 miles from the site of the Super Bowl, two days before the game was to be played.

The initial attempt was thwarted. The hackers remotely gained access to a software program, named TeamViewer, on the computer of an employee at the facility for the town of Oldsmar to gain control of other systems. The affected water treatment facility is a public utility owned by the town of Oldsmar (15,000 inhabitants) which has its own internal IT team. 

The incident took place over the course of the day, with hackers first infiltrating the Oldsmar water treatment plant. The hackers then increased the amount of sodium hydroxide being distributed into the water supply. The chemical is typically used in small amounts to control the acidity of water, but at higher levels is dangerous to consume. 

TeamViewer is a widely used software application that allows easy access to machines remotely from anywhere, and is often used for remote IT troubleshooting  and technical assistance. “The guy was sitting there monitoring the computer as he’s supposed to and all of a sudden he sees a window pop up that the computer has been accessed... The next thing you know someone is dragging the mouse and clicking around and opening programs and manipulating the system.” said the Sheriff. Team Viewer  has been installed on 2.5 billion devices worldwide, enables remote technical support among other applications.

The plant employee alerted his employer, who called the Sheriff and the water treatment facility was able to quickly reverse the command, leading to minimal impact.

The leading cybersecurity firm Fireweed attributed an increase in hacking attempts it has seen in the last year mostly to novices seeking to learn about remotely accessible industrial systems.Many victims appear to have been selected arbitrarily and no serious damage was caused in any of the cases – in part because of safety mechanisms and professional monitoring, Fireweed analyst Daniel Appellant Zara said in a statement. “While the (Oldsmar) incident does not appear to be particularly complex, it highlights the need to strengthen the cybersecurity capabilities across the water and wastewater industry,” he said.

It is not known if the hack was done from within the US and  his latest attack in Florida will do nothing to calm cyber security experts who've been warning for years that critical national infrastructure facilities are being targeted. Water, electricity, nuclear plants and transport are being probed for weaknesses all the time not just because of the potential for mass disruption but also because they are often running on obsolete and vulnerable IT systems.  

Reuters:       Al Jazeera:         CNet:      USNews:           BBC:         ITPro:        

You Might Also Read: 

Iran Fingered For Attack On Israeli Water Infrastructure:

 

« France Responds To Cyber Attacks
Cyber Security Insights For Executives »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

Security Magazine

Security Magazine

Security, the business magazine for security executives, focuses on management issues facing top security professionals and effective solutions being employed, both physical and cyber.

Security Industry Association (SIA)

Security Industry Association (SIA)

The SIA's mission is to be a catalyst for success​ within the global security industry through information, insight and influence.

CERT-IS

CERT-IS

CERT-IS is the national Computer Emergency Response Team for Iceland.

VMRay

VMRay

VMRay delivers advanced threat analysis and detection that combines a unique agentless hypervisor-based network sandbox with a real-time reputation engine.

Assured Enterprises

Assured Enterprises

Assured Enterprises provides comprehensive cyber risk identification, management and mitigation across all platforms.

Miratech

Miratech

Miratech is a global IT services and consulting organization offering a full range of IT infrastructure solutions and services including cyber security.

ActiveNav

ActiveNav

ActiveNav provide dark data discovery solutions for compliance and information governance.

Kainos

Kainos

Kainos is a leading provider of Digital Services and Platforms. Our services include Digital Transformation, Cyber Security, Cloud, AI, IoT and more.

Silent Sector

Silent Sector

Silent Sector is a cybersecurity services company that specializes in providing a wide range of managed security services.

Commonwealth Cyber Initiative (CCI)

Commonwealth Cyber Initiative (CCI)

The Commonwealth Cyber Initiative is establishing Virginia as a global center of excellence at the intersection of security, autonomous systems, and data.

Twingate

Twingate

Twingate help organizations secure and manage access to their technology resources in a world where people work from anywhere.

WheelHouse IT

WheelHouse IT

WheelHouse IT secures, manages, and advances businesses with innovative, cost-effective IT solutions.

Edgio

Edgio

Edgio provides unmatched speed, security, and simplicity at the edge through globally-scaled media and applications platforms.

Camelot Secure

Camelot Secure

Camelot Secure Secure360 platform is a holistic redefinition of what world-class cybersecurity strategies can be. Prepare. Protect. Deploy.

Huntr

Huntr

Huntr provides a single place for security researchers to submit vulnerabilities, to ensure the security and stability of AI/ML applications.

Boldend

Boldend

Boldend offers leading-edge offensive and defensive cybersecurity solutions that empower government and commercial organizations to stay resilient in an evolving threat landscape.