Same story. The Internet is now everywhere, and the security systems of plants (even very sensitive ones) are managed by computers and software with perhaps without adequate control over possible security holes. This is what happened in Florida, where a hacker attempted to poison a water treatment plant after breaking into the computer system .
During a press conference held immediately after the incident, the Pinellas County Sheriff, Bob Gualtieri, said that an operator at the plant was able to intercept and interrupt the manipulation in real time , thus saving everything from a possible dramatic situation.
"There was no significant effect on the treated water and, more importantly, the residents were not endangered"
The hacker who attacked the water purification plant in Florida: he used TeamViewer
The hacker (s) in question successfully infiltrated the computer system that controls the water treatment plant, and remotely changed a value that controls the sodium hydroxide (NaOH) levels in the water by modifying it. drastically the levels.
The attacker has increased the amount of sodium hydroxide in question from 100 parts per million to 11,100 parts per million, using a system that allows remote access via TeamViewer , which we are probably all familiar with. which allows users to initiate remote desktop sessions, typically for remote assistance and / or monitoring). The initial investigation revealed that the hacker gained remote access to the treatment plant's computer for approximately 3-5 minutes, time to change the values in question.
Sodium hydroxide is a strong base and is normally used in small amounts to control the acidity levels of water. In high and undiluted concentrations, however, it can be toxic, to the point of causing irritation to the skin and eyes. It is currently unknown whether the hacking was performed from within the United States or outside the country.
Fortunately, early operator intervention avoided more serious consequences, but the sabotage attempt highlights the exposure of critical infrastructure and industrial control systems to cyber attacks , and the "ease" with which these attacks can occur. Better to avoid unpleasant situations, like that time when a hacker attacked the network of a nuclear power plant in India .
The fact that the hacker in question used TeamViewer to take control of the system underscores the need to secure access to these critical systems with multiple layers of security (perhaps with multi-factor authentication) and prevent such sensitive systems from being accessible from the outside.
The article The time a hacker tried to poison a Florida water treatment plant comes from Tech CuE .