At a press conference on Monday, Pinellas County Sheriff Bob Gualtieri stated that a hacker gained entry to the plant’s management systems last Friday, not once but twice. Many water services now use internet-connected remote access applications that let operators monitor and control water systems from a distance. The hacker first broke into this system on Friday morning, but the activity wasn’t flagged as suspicious: the supervisor routinely accessed the system remotely, and it was assumed that this was what had happened, according to authorities.
But there was a second intrusion that afternoon, when an on-duty plant operator witnessed the hacker “opening various functions in the system that control the amount of sodium hydroxide in the water.” Sodium hydroxide (also referred to as lye) is a corrosive element generally used in small doses to keep pipe decay at bay in water systems. In excessive doses, lye causes very severe health issues such as blindness and is fatal. The hacker, whoever they were, was basically attempting to turn the city’s water supply into plumber’s Drano.
“The hacker changed the sodium hydroxide [levels] from 100 parts per million to 11,100 parts per million. This is obviously a significant and dangerous increase,” Gualtieri said during his remarks. The on-duty operator who witnessed this immediately lowered “the levels to their appropriate amount,” after which he notified his supervisor of the incident. Then “steps were taken to prevent further remote access to the system,” Gualtieri stated. The hacker was active inside the system for three to five minutes, he added.
“At no time was there a significant effect on the water being treated, and more importantly the public was never in danger,” Gualtieri said, adding that authorities did not yet have a suspect in the incident. Investigators do have some leads, and the FBI and the U.S. Secret Service are helping, according to Gualtieri.
“We don’t know right now whether the breach originated from within the United States or outside the country. We also do not know why the Oldsmar system was targeted and we have no knowledge of any other systems being unlawfully accessed.
Because of this security breach, we are asking that all governmental entities within the Tampa Bay area with critical infrastructure components actively review their computer security protocols,” the sheriff stated.
It’s a really strange incident, not least because cybersecurity specialists have long hypothesized about how utility systems could be hijacked to commit acts of terrorism. There have been scant real-world examples up until now. Indeed, cyberattacks on operational technology have usually involved financially motivated crime, such as the continuing series of ransomware attacks on big shipping businesses. There are few incidents in which operational systems were sabotaged for the sake of sabotage.
Let’s also take into account the fact that the U.S.’s water systems are already in deep enough trouble without adding terroristic cyberattacks to the mix. Aging infrastructure and pollution mean that America basically does a fine job of poisoning itself, without the assistance of rogue hackers. Ironically, that is part of the reason why sodium hydroxide is in water systems to begin with.
Kyle James Lee – The AEGIS Alliance – This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.