cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
denbesten
Community Champion

Water System Hacked

 

A hacker gained access into the water treatment system of Oldsmar, Florida, on Friday and tried to increase the levels of sodium hydroxide -- commonly referred to as lye -- in the city's water, officials said, putting thousands at risk of being poisoned.

https://www.cnn.com/2021/02/08/us/oldsmar-florida-hack-water-poison/index.html

This is a successful incident response story.  The duty-operator immediately noticed the attack, watched the level be changed and immediately restored it the proper level.  They then disabled their remote access system and noted that had there were additional "downstream" monitors that would have triggered had their first level control (the operator) failed. 

 
So kudos for Detect and Respond, but Protect does seem to have room for improvement (e.g. MFA and isolation) that will become evident in the lessons-learned phase.
 
 
2 Replies
denbesten
Community Champion

Re: Water System Hacked

Turns out their "remote access solution" was teamviewer, which notoriously does not play nice with corporate security (e.g. no SAML nor MFA in thier standard package).

 

 

AndreaMoore
Community Manager

Re: Water System Hacked