As many people had feared, hackers and other malicious actors have begun to target valuable infrastructure.
In Oldsmar, Florida, outside of Tampa, hackers were able to gain access of a water treatment facility. Then while the plant manager was watching, the hackers twice took control of his mouse, worked on it for up to five minutes and increased the amount of sodium hydroxide, or more commonly known as lye which is used to help with acidity levels, from ten parts per million to a caustic 11,100 parts per million before exiting as quickly as it came. The reason why the first one did not set off flags was that remote access is typically logged into check systems. This system because of the hack is now disabled.
According to Pinellas County Sheriff Bob Gualtieri, “At no time was there a significant adverse effect on the water being treated. Importantly, the public was never in danger.” The county also revealed that it would have taken more than a day to enter the water, and further redundancies were in place in case there was a change. Out of caution, they did warn people that this plant treated water for.
However, this hack has shown that many of the systems that keep cities running like gas, power, and water are just as vulnerable to breaches as companies. And these hacks can do damage that can be felt by people. It is not the first time something like this happened in recent memory. In Illinois in November, hackers suspected to be backed by Russia took control of a Water utility, while Israel stopped attempted hacks on their own water supply last year.
This type of attack shows that malicious actors are not afraid to attack public utilities and its only a matter of time before a serious incident occurs. This also proves that if something such as a utility is vulnerable, companies are at just as much as risk if not more so. Vigilance and intelligence are the key to limiting damage.
For our insights into cyber (Link)