A Florida Water Supply Was Nearly Poisoned By Hackers
On February 5, an attack was underway in Oldsmar, Florida. Many Oldsmar residents were completely unaware of it, yet it could have caused widespread sickness in the city of 15,000 people in Pinellas County, near Tampa Bay.
Around 1:30 in the afternoon, an operator at an Oldsmar water treatment facility noticed the cursor zipping around his computer screen, frantically opening different controls for three to five minutes. It opened the controls for sodium hydroxide, also called lye, a chemical used in drain cleaner that can cause vomiting and chest and abdominal pain if too much is ingested. The levels of lye in the water were raised from 100 parts per million (a harmless amount) to 11,100 parts per million. The plant operator quickly realized something was wrong and immediately moved the lye levels back to a safe amount before it could reach residents’ homes.
Although it was quickly resolved, this event could have had significant consequences. The hack reveals how vulnerable some public systems are to cyberattacks, especially systems that directly affect public health, like a water treatment facility. The hackers gained access to the water treatment controls through remote access software. The facility used this software to avoid workers gathering on site in large numbers during the coronavirus pandemic. However, the software left the facility at risk of cyberattack because it allowed anybody with the right credentials to access the water controls.
While the announcement of the cyberattack shocked many Americans, it wasn’t a surprise to many security experts, who have long warned about the vulnerabilities in critical infrastructure operations, including water treatment. Many of these facilities are underfunded and have few resources, which results in weak defenses against cyberthreats. They also have too few IT specialists, and because of the coronavirus pandemic many employees are working from home, so a growing number of critical manufacturing operations are being run through remote access software.
This cyberattack has exposed the weaknesses in cybersecurity in critical manufacturing operations across America, many of which have consequences for public health. Cyber units in the FBI and Secret Service are tracking down the attackers, who could potentially be in a different country. In fact, many of the United States’ international rivals have previously attacked American critical infrastructure. For example, Russia is blamed for attacking the American power grid in 2017, coming extremely close to destroying it. In 2013, Iranian hackers were accused of attacking a small dam in a New York suburb. Foreign attacks are a dangerous and serious threat to critical infrastructure, as many countries that attack the U.S. may use tactics like these to try to destroy a country from within. In the coming years, American critical infrastructure will need stronger defenses against cyberthreats in order to prevent cyberattacks on the consequential and vital resources that Americans depend on.
Sources:
https://www.cnn.com/2021/02/13/us/florida-hack-remote-access/index.html
https://www.cbsnews.com/news/florida-water-hack-oldsmar-treatment-plant/
https://www.nytimes.com/2021/02/08/us/oldsmar-florida-water-supply-hack.html
https://www.washingtonpost.com/nation/2021/02/09/oldsmar-water-supply-hack-florida/