U.S. law enforcement officials are investigating a hacker’s unsuccessful attempt to tamper with a Florida city’s water supply, an event that cybersecurity professionals view as yet another wake-up call that should cause the government to examine its role in protecting critical infrastructure from more skillful attackers.
On Monday, local officials from the city of Oldsmar and the surrounding Pinellas county said a “bad actor” used software that provides remote access to a public water treatment facility to increase the level of sodium hydroxide—the main ingredient in drain cleaners, which is used in small quantities to adjust pH levels—to a dangerous amount.
An operator at the plant intercepted the unlawful intrusion within three to five minutes and there were other systems in place to avoid catastrophe, the local authorities said, but they cautioned others to pay attention, saying “everyone should be on notice.”
“The federal government should be involved with this at every step of the way,” Kiersten Todt, who served as a cybersecurity adviser to President Obama, told Nextgov Tuesday. “It should not be delegated to a local regulatory authority.”
Todt said she has long been concerned about water utilities, noting that while some sectors have a huge presence in the nation’s capital through their trade associations, that’s not true for all critical infrastructure, particularly smaller resource-constrained entities that are delivering a public good.
“Energy, telecom and finance have a huge presence in Washington, D.C., but what is the presence of the water utilities, and how is the agency that's responsible for securing water utilities, working with them?” she said. “I think it very much is a wake-up call to look at how our government is orga ..
Support the originator by clicking the read the rest link below.
