Water plant in Oldsmar, Florida. targeted by a hacker in a horrific cyber attack last week is said to have exhibited very poor IT security practices. Recent updates from government authorities claim that the installation did not have some basic network protections – including a firewall.
If you missed it, a hacker would have hijacked the factory’s operational controls on Friday, temporarily leading to the content of sodium hydroxide in the water at poisonous levels. The unit is the main source of drinking water for the city’s 15,000 inhabitants. Although a factory operator eventually managed to bring water back to normal levels, the incident nevertheless sparked a national conversation about the state of security in America’s critical infrastructure.
Like many such facilities, Oldsmar uses a SCADA (short for “surveillance control and data acquisition system”) Which allows staff to monitor and control the conditions within the facility. At the same time, staff also used TeamViewer, a fairly common remote access program that can be used to monitor and control SCADA systems.
According to a new cybersecurity consultancy in the state of Massachusetts, plant protection for these systems has left something to be desired. Not only did the facility use Windows 7 – outdated software which Microsoft no longer supports“But all of his employees apparently shared the same password to access TeamViewer.” In addition, the adviser claims that the facility “appeared to be connected directly to the Internet without any firewall protection being installed”.
Yes, not exactly a five star review. The FBI reiterated the weak assessment on Wednesday, which issued an alert to private industry leaders about the Oldsmar incident. The office said that hackers undoubtedly exploited the “cybersecurity vulnerabilities” of the facility and warned companies against similar practices:
“Cyber actors may have accessed the system by exploiting the weaknesses of cybersecurity, including poor password security and an outdated Windows 7 operating system to compromise the software used to remotely manage water treatment. The actor also probably used TeamViewer desktop sharing software to gain unauthorized access to the system. ”
G / O Media may receive a commission
Both the FBI and the Massachusetts adviser seem to confirm that the hackers managed to gain access through TeamViewer, accessing either through low password security or through the outdated Windows 7 program used by the installation.
All industrial organizations operate with a symbiotic mix of information and operational technology – and cyber researchers have often made assumptions about the types of horrors that await in a world where evil actors can use the former to command him from follow. Oldsmar certainly gave that conversation in hyperdrive – stimulating a broader conversation about how to protect America’s critical infrastructure.
Finally, the city’s weaknesses are also not so surprising. State and local governments have long lagged behind federal agencies and the private sector in terms of security – a central reason for lawmakers he pushed to drive federal funds down to state and local cybersecurity agencies. The Oldsmar incident – combined with the shock waves from SolarWinds ongoing scandal– further stimulated demand for more general investment in public sector cyber security, which the new Biden administration he promised he would do well.