A hacker has increased sodium hydroxide levels in the water supply of Oldsmar, a Florida town of 1,500 people. The levels have reached an extremely dangerous level.
The town of Oldsma’s water treatment plant uses TeamViewerA telemaintenance software program to allow personnel to easily monitor all systems in the plant. On the morning of February 5, the sliders were out of control before pointing to the sewage treatment plant controls. In a matter of seconds, the hacker was trying to modify sodium hydroxide levels (also known as caustic soda) from the water supply.
The level went from 100 ppm to 11,100 ppm.. At low concentrations, this corrosive chemical regulates the PH level in drinking water. At high levels, it becomes very dangerous. Human tissue is damaged on contact with it.
Rapid detection and no risk to the population
According to city officials, the operator has quickly spotted the intrusion and immediately returned the sodium hydroxide levels to normal. Even if he had not done so, the poisoned water would have taken 24 to 36 hours to reach the city’s population. In addition automated protective measures pH test would have triggered an alarm and detected the change before anyone became contaminated.
The hacker seems to have compromised the station’s TeamViewer software. to remotely access the target computer. But the authorities have no further information on how the hacker accessed TeamViewer or obtained initial access to the plant’s computer network.
It also did not provide any details on how the intruder penetrated the so-called operational technology network that controls the physical equipment that is generally separate from the computer network connected to the Internet. For the city’s forensic investigators, the FBI and the Secret Service, the investigation is ongoing.
A possible attack via the Internet
Professionals have long advised to Separate IT and OT networks for maximum security. They also recommend limiting or even eliminating all connections of operational technological systems to the Internet. In his statements, the City Sheriff admitted that the EO systems at the plant were accessible from outside the plant. and that all the evidence indicates that the attacker accessed it from the Internet.
The factory would have uninstalled TeamViewer since the attack…. She also warned all government organizations in the Tampa Bay area of the reality of the attack. She suggested that they review their security protocols and make updates to protect themselves.
This attack is not an isolated case. And according to one study, water and sewage treatment plants are often among the targets. Their infrastructure is among the most digitally vulnerable in the United States.