Hackers Breached A Florida Water Treatment Facility In Failed Attempt To Poison Residents

water treatment facility breached in florida
Some of the United State’s most critical infrastructure are incredibly vulnerable to attack, as we are now finding out. Last Friday, a plant operator at a water treatment facility in Oldsmar, Florida, noticed his mouse dashing around on the screen. The operator did not think much of it then, but when it happened a second time, security alarm bells were raised after the hacker attempted to raise the level of sodium hydroxide, or lye, 100-fold in the water supply.

According to the press conference with Pinellas County Sheriff Bob Gualtieri, the system was regularly accessed remotely, so the operator didn't think much of it. Upon the second attack and attempted change of sodium hydroxide through the “supervisory control and data acquisition” (SCADA) system, the plant operator quickly reverted the change and reported the issue. At present, Reuters reports that the remote access happened through TeamViewer, a popular remote access software, according to the sheriff.

While the increase of lye in the water supply could be bad for several reasons, Oldsmar mayor Eric Seidel stated that multiple systems would catch a change like this before it affected the water supply 24 to 36 hours later. Ultimately, nothing bad ended up happening, but there is most certainly still a risk, and thus the FBI and Secret Service have been called in to support the ongoing investigation. Furthermore, this is a wake-up call to any municipalities with critical infrastructure that could be vulnerable to attack.

While Gualtieri explained that “In order to get into the system, somebody had to use some pretty sophisticated ways of doing it,” it may not have taken much in all actuality. One bad password, open port, or compromised piece of software, including but not limited to TeamViewer, could have led to the cybersecurity issue. It is likely we will find out more in the coming days as the investigation continues, but for anyone with critical infrastructure under their purview, it is time to batten down the hatches as hackers are out to cause harm.