Someone tried to poison Oldsmar's water supply during hack, Sheriff says
Source: Tampa Bay Times
Pinellas Sheriff Bob Gualtieri said the attacker tried to raise levels of sodium hydroxide, also known as lye, by a factor of more than 100.
Local and federal authorities are investigating after an attempt Friday to poison the city of Oldsmars water supply, Pinellas County Sheriff Bob Gualtieri said.
Someone remotely accessed a computer for the citys water treatment system and briefly increased the amount of sodium hydroxide, also known as lye, by a factor of more than 100, Gualtieri said at a news conference Monday. The chemical is used in small amounts to control the acidity of water but its also a corrosive compound commonly found in household cleaning supplies such as liquid drain cleaners.
The citys water supply was not affected. A supervisor working remotely saw the concentration being changed on his computer screen and immediately reverted it, Gualtieri said. City officials on Monday emphasized that several other safeguards are in place to prevent contaminated water from entering the water supply and said theyve disabled the remote-access system used in the attack.
The Pinellas County Sheriffs Office is investigating, along with the FBI and the Secret Service, Gualtieri said.
Read more: https://www.tampabay.com/news/pinellas/2021/02/08/someone-tried-to-poison-oldsmars-water-supply-during-hack-sheriff-says/
This is a clear example of how vulnerable SCADA systems that control our vital infrastructure elements are.
There are no doubt thousands of systems just as vulnerable.
BusyBeingBest
(8,059 posts)oasis
(49,410 posts)electric_blue68
(14,953 posts)lagomorph777
(30,613 posts)electric_blue68
(14,953 posts)LeftInTX
(25,572 posts)If they were trolling for insecure sites, they probably would just done a small change and watched if the water district responded.
lagomorph777
(30,613 posts)To remind us that Putin has hacked just about everything in the USA, and he can throw us into the stone age at the flip of a switch.
paleotn
(17,989 posts)Mutually assured destruction.
lagomorph777
(30,613 posts)I assume Trump did everything in his power to neuter our cyber capability; Biden will have a big, urgent job to repair it.
paleotn
(17,989 posts)or professionals making a point. Hard to tell. If it is professionals, like nation state professionals, they have to know that with a few key strokes the US can turn off the lights in Moscow for a very, very long time. In cyberspace, we're back to mutually assured destruction.
jmowreader
(50,566 posts)Why, exactly, was this computer connected to the Internet in the first place?
packman
(16,296 posts)Letting the fox into the hen house - venerability level on the internet is high
pfitz59
(10,396 posts)Most large water treatment systems have remote monitoring and operation programming. Valves, reservoirs, treatments, alarms can all be remotely accessed and controlled. Too expensive to have every station manned 24/7. This applies to potable water supplies, sewerage and storm drains.
WhiteTara
(29,723 posts)progree
(10,920 posts)the Internet ... well there was Arpanet, but our SCADA systems didn't utilize it.
Spoken from an electric utility perspective.
When I put in the title, "Not necessarily connected to the Internet", I was being cautious, who knows what shortcuts they took.
whopis01
(3,523 posts)Either directly or indirectly.
That sounds to me like they have a control interface running on a typical PC, which is likely connected to the Internet. So the SCADA system itself might not be directly connected to the Internet - but computers that can talk to it are.
paleotn
(17,989 posts)Other than Iranian gas centrifuges. That took a thumb drive.
LeftInTX
(25,572 posts)Dem2theMax
(9,655 posts)What in the world have we become?
msfiddlestix
(7,286 posts)So why would someone want to deliberately poison an entire community?
Someone who is mentally deranged? But what's the motive? Is it political? Is this community primarily people of color? Democratic stronghold (voters)? Is this an Elite community? Predominately White? Republican holdout?
Just curious as to motive.
LeftInTX
(25,572 posts)Probably just another day in Florida man's life.....that's my hunch....some people just are sick
LeftInTX
(25,572 posts)Although a suburb, maybe this was the only system they could hack?
3littlebeans
(9 posts)"The hubris of American exceptionalism a myth of global superiority laid bare in Americas pandemic death toll is what got us here. We thought we could outsmart our enemies. More hacking, more offense, not better defense, was our answer to an increasingly virtual world order, even as we made ourselves more vulnerable, hooking up water treatment facilities, railways, thermostats and insulin pumps to the web, at a rate of 127 new devices per second.
At the N.S.A., whose dual mission is gathering intelligence around the world and defending American secrets, offense eclipsed defense long ago. For every hundred cyberwarriors working offense searching and stockpiling holes in technology to exploit for espionage or battlefield preparations there was often only one lonely analyst playing defense to close them shut."
https://www.nytimes.com/2021/02/06/technology/cyber-hackers-usa.html#click=https://t.co/q9B9rHnsZv
dalton99a
(81,617 posts)February 8, 202 13:28 PM Updated an hour ago
Hackers try to contaminate Florida town's water supply through computer breach
By Christopher Bing
(Reuters) - Hackers broke into the computer system of a facility that treats water for about 15,000 people near Tampa, Florida and sought to add a dangerous level of additive to the water supply, the Pinellas County Sheriff said on Monday.
The attempt on Friday was thwarted. The hackers remotely gained access to a software program, named TeamViewer, on the computer of an employee at the facility for the town of Oldsmar to gain control of other systems, Sheriff Bob Gualtieri said in an interview.
The guy was sitting there monitoring the computer as hes supposed to and all of a sudden he sees a window pop up that the computer has been accessed, Gualtieri said. The next thing you know someone is dragging the mouse and clicking around and opening programs and manipulating the system.
The hackers then increased the amount of sodium hydroxide, also known as lye, being distributed into the water supply. The chemical is typically used in small amounts to control the acidity of water, but at higher levels is dangerous to consume.
The plant employee alerted his employer, who called the sheriff. The water treatment facility was able to quickly reverse the command, leading to minimal impact.
TeamViewer, which says on its website that its software has been installed on 2.5 billion devices worldwide, enables remote technical support among other applications.
The FBI and Secret Service have been called in to assist in an investigation. Gualtieri said he does not know who is responsible for the cyberattack.
pecosbob
(7,545 posts)I wonder if this is in retaliation to the U.S. moving strategic bombers to Norway...