Takeaways from Water Plant Attack

Hackers were able to infiltrate a water treatment plant in Oldsmar, FL on February 5th, and increase the levels of lye in the water to a dangerous level. Additional information has been released about the attack over the past week. We will explore why the Oldsmar water treatment plant is the definition of low hanging fruit for hackers.

An employee of the small municipal water treatment plant noticed their mouse moving around the screen independently of what he was working on. This was not uncommon because remote workers would often connect to the systems to make changes without communicating with the plant workers. The same employee noticed the mouse moving again five hours later, and then it changed the level of sodium hydroxide from 100 parts per million to 11,100 parts per million. At this level, the water is not safe to touch with bare skin, let alone drink. Luckily, the employee saw the change take place on his screen, corrected the change, and called the police.

Since the attack, we have learned more about the IT infrastructure of the water treatment plant. All the computers in the facility were running Windows 7 operating system. Windows 7 reached its end of life in 2020 and is no longer patched or updated by Microsoft. All computers were connected to the plant’s supervisory control network, so all computers in the plant could make changes to the amount of chemicals in the water. All computers in the plant used the same password for remote access and were connected directly to the internet without a firewall between them and the outside world. The incident put other water treatment plants on high alert. The state of Massachusetts published a cybersecurity advisory for water treatment plants, you can read here.

Small cities and municipalities can be easy targets for hackers because often their budget is not large enough to update systems regularly and keep an IT professional on staff. We reported on the ransomware attack on Lafayette, CO in September. They faced many of the same hurdles as the water treatment plant in Oldsmar, FL.

At Quanexus we use our Q-Stack to ensure clients are not easy targets. We can see the Oldsmar water plant skipped basically every step in the layered security approach we implement for our clients. For many small cities and businesses, a managed service provider can implement higher quality security for less than the cost of an additional employee.

Quanexus IT Support Services for Dayton and Cincinnati

Request your free network assessment today. There is no hassle, or obligation.

If you would like more information, contact us here or call 937.885.7272.

Follow us on FacebookTwitter and LinkedIn and stay up to date on by subscribing to our email list.

Posted by Charles Wright