Water treatment facility hacked

[beej]

oh goody something new to worry about, glad I'm on a well.

https://www.ien.com/home/news/21271192/hackers-breach-treatment-plant-try-to-poison-water?lt.lid=6022c40eb8fd6b263b54c372&lt.ack=EIfrx_Maf&lt.usr=2084709&utm_source=ENT_02092021&utm_medium=email&utm_campaign=131836&utm_term=687348">https://www.ien.com/home/news/21271192/ ... erm=687348">https://www.ien.com/home/news/21271192/hackers-breach-treatment-plant-try-to-poison-water?lt.lid=6022c40eb8fd6b263b54c372&lt.ack=EIfrx_Maf&lt.usr=2084709&utm_source=ENT_02092021&utm_medium=email&utm_campaign=131836&utm_term=687348

A hacker gained unauthorized entry to the system controlling the water treatment plant of a Florida city of 15,000 and tried to taint the water supply with a caustic chemical, exposing a danger cybersecurity experts say has grown as systems become both more computerized and accessible via the internet.

The hacker who breached the system at the city of Oldsmar's water treatment plant on Friday using a remote access program shared by plant workers briefly increased the amount of sodium hydroxide by a factor of one hundred (from 100 parts per million to 11,100 parts per million), Pinellas County Sheriff Bob Gualtieri said during a news conference Monday.

Sodium hydroxide, also called lye, is used to treat water acidity but the compound is also found in cleaning supplies such as soaps and drain cleaners. It can cause irritation, burns and other complications in larger quantities.

Fortunately, a supervisor saw the chemical being tampered with — as a mouse controlled by the intruder moved across the screen changing settings — and was able to intervene and immediately reverse it, Gualtieri said. Oldsmar is about 15 miles (25 kilometers) northwest of Tampa.

[Matthew Hajicek]

Sesame Street has been brought to you by the words "Air Gapped".

[pmartin]

[quote="Matthew Hajicek" post_id=6381 time=1612906019 user_id=57]
Sesame Street has been brought to you by the words "Air Gapped".
[/quote]

"Air Gapped"

Its inconceivable to me that so many sensitive systems are internet accessible.

[RobertELee]

[quote="Matthew Hajicek" post_id=6381 time=1612906019 user_id=57]
Sesame Street has been brought to you by the words "Air Gapped".

"Air Gapped"

Its inconceivable to me that so many sensitive systems are internet accessible.
[/quote]

Techs, operators, and management need access 24/7. My BIL is a Systems Specialist for Xcel Energy, he has shown me his controls once while I was at his home and he received a call. He could likely shut down a good portion of the Midwest if he wanted. With that said, he obviously has numerous passwords and multistep verifications to go through for access.

[joshc]

be super careful with any remote meetings and make sure you trust whoever you let onto your pc. through a teamviewer session you can delete almost all of someones files without them knowing your doing it, among other malicious things. I found out about it from this youtube person https://www.youtube.com/channel/UCm22FAXZMw1BaWeFszZxUKw">https://www.youtube.com/channel/UCm22FA ... WeFszZxUKw">https://www.youtube.com/channel/UCm22FAXZMw1BaWeFszZxUKw, he is a counter scammer where what he does is waste scammers time (as much time as he can waste of theres, sometimes making the scammer call him daily for weeks on end) and then as the scammers are trying to get him to send giftcards and trick him in various ways he is instead letting the scammer remote into his pc while he deletes all their files, etc. Its pretty interesting youtube channel and good to see that someones sticking it to these scammers but its an eye opener after you can see what he is able to do to these scammers computers without them knowing right over teamviewers, etc.

so be careful out there guys!

[Matthew Hajicek]

I better not piss of the tech guys at CGTech!