Utility plants around the world have been put on alert after a hacker managed to gain remote access to the water treatment plant of a city in Florida and briefly pump in dangerous chemicals.
According to reports, the hacker managed to make his way into a computer for the city’s water treatment system and managed to increase the amount of sodium hydroxide, also known as lye, by a factor of more than 100.
Lye is used in small amounts to control the water’s acidic content, but can wreak havoc in high quantities because of its corrosive properties. The incident could have led to a major disaster if it wasn’t for an alert supervisor who noticed the increase and immediately reduced the level of the chemical back to normal.
- We've put together a list of the best endpoint protection software
- Here’s our list of the best disaster recovery services
- Take a look at these best malware removal software
Reporting on a briefing by Pinellas County Sheriff Bob Gualtieri, the Tampa Bay Times reports that the hacker’s attempt was caught by a supervisor working remotely.
The Pinellas County Sheriff’s Office is investigating the break-in, along with the FBI and the Secret Service. However, no arrests have been made so far, and according to the report, investigators don’t yet even know whether the attacker was from within the US.
In response the city officials have disabled remote access to their systems and also assured residents that they have several other safeguards to prevent contaminated water from entering the water supply.
According to reports, Verizon detailed a similar attack on another unnamed US water facility in 2016. Even last year, there were multiple unsuccessful hacks on Israeli water supply utilities.
Many critical systems in the US and elsewhere are run by legacy Industrial Control Systems (ICS) that weren’t designed with cybersecurity in mind. In fact, a 2020 report from CyberNews warned that hackers could exploit a new niche of widespread security vulnerabilities ushered in by the rise of the Internet of Things (IoT) to target and seize control of critical public and private infrastructure in the US.
- Protect your devices with these best antivirus software