UPDATE: Oldsmar Water Hack

Lauren Abshire
Director of Content Strategy   United States Cybersecurity Magazine

On February 5, 2021, a hacker took remote control of one of Oldsmar Water Plant’s operator machine. The hacker then increased the sodium (lye) by 100 factors. The FBI was called in after this attempted attack was noticed and reported to the local Sheriff’s office. It was reported that the Oldsmar Water Plant occasionally used remote access to troubleshoot problems and monitor the system. Following this incident, the remote access was disabled. Below, is the Oldsmar Water Hack update.  

OLDSMAR WATER HACK UPDATE

On February 11, 2021, a joint cybersecurity advisory was released by CISA, U.S. EPA, FBI and MS-ISAC. The advisory mentions that the hacker “likely accessed the system by exploiting cybersecurity weaknesses, including poor password security, and an outdated operating system.” The system was exploited through Windows 7.  It is also mentioned in this advisory that the hacker may have used a desktop sharing software, such as TeamViewer to gain remote control of the operator’s machine and tamper with the lye levels.

On January 14, 2020, Microsoft ended support for Windows 7. In short, meaning Microsoft would no longer provide security updates or fixes. Thus, increasing the risk of a hacker gaining access to systems running Windows 7.

It was directly recommended by both Microsoft and the joint cybersecurity advisory to update to the latest OS, i.e., Windows 10. Furthermore, the joint cybersecurity advisory recommends using MFA, strong passwords, audit logs for all remote connection protocols, keeping firewalls and anti-viruses up to date in order to help protect from an attack like the one on the Oldsmar Water Plant.

The joint cybersecurity advisory also released additional security measures for Water and Wastewater Systems to “physically prevent dangerous conditions from occurring if the control system is compromised by a threat actor.” Following these recommendations released by the joint cybersecurity advisory will ensure that should this happen again, hackers will not be able to raise the pH to lethal levels as they did in the Oldsmar Water Hack.


 

Leave a Comment