The U.S. government revealed this week that unknown hackers had managed to remotely access systems at a Florida city’s water plant and attempted to elevate levels of a certain chemical to a point where it would put the public at risk of being poisoned.
The attack, which targeted the water supply in Oldsmar, a small city in Florida, was discovered by staff at the plant — they noticed the mouse moving on the screen — and they rushed to take action before any damage was caused.
The attackers breached the facility via TeamViewer, which staff had been using to monitor systems remotely and respond to issues related to the water treatment process. The computers at the plant were running Windows 7 and all devices used the same password for remote access. Computers were remotely accessible from the internet and were not protected with firewalls, making it easier for the hackers to gain access.
Industry professionals have commented on various aspects of the breach, including implications and the measures organizations should take to prevent such incidents.
Daniel Kapellmann Zafra, Manager of Analysis, Mandiant Threat Intelligence:
“Since last year, Mandiant Threat Intelligence has observed an increase in cyber incidents perpetrated by low sophisticated actors seeking to access and learn about remotely accessible industrial systems. Many of the victims appear to have been selected arbitrarily, such as small critical infrastructure asset owners and operators who serve a limited population set. Through remote interaction with these systems, actors have engaged in limited-impact operations that often included manipulation of variables from physical processes. None of these cases has resulted in damage to people or infrastructure given that industrial processes are often designed and monitore ..
Support the originator by clicking the read the rest link below.
