![]() Did the machine have known and remotely exploitable vulnerabilities?.But there are important questions beyond “is this software allowed?”: In this case, it appears that TeamViewer was sanctioned and allowed to be used on the plant operator’s system. There are many legitimate reasons to use software that enables remote connections - but it can also be used maliciously. Plus, you can remotely connect to servers, commercial-grade machines, and IoT devices from anywhere, at any time through our secure global remote access network.” “TeamViewer lets you remote in to computers or mobile devices located anywhere in the world and use them as though you were there. The operator’s computer was accessible remotely via Team viewer, allowing remote access, support, and control of devices. These efforts reduce the likelihood that the local population would have been affected. It’s important to note that the mayor assured the public that, even if the operator hadn’t been watching live, redundancies were in place to alert the plant about the incident. Had the change gone unnoticed, Oldsmar citizens could have been exposed to water that made them sick at best, fatal at worst. Luckily, the plant operator saw the change, immediately recognized the danger, and changed the sodium hydroxide levels back to normal. The remote connection then quickly ended. ![]() The operator’s suspicion was confirmed, when the malicious actor changed the levels of sodium hydroxide - normally used to alter water alkalinity (and the primary ingredient in drain cleaner) - from 100 parts per million to 11,100 parts to million. Only this time, the malicious actor took control and began clicking into various applications and settings to make configuration changes. Although he noticed someone remotely accessing the system via TeamViewer, he quickly discounted his initial suspicions - several employees normally access the machine through a remote connection. ![]() A malicious actor remotely accessed a computer system responsible for distributing the chemicals that treat the water and other plant operations. In the video below, the sheriff summarizes the incident. But I was impressed by the transparency into the inner-workings of the plant, how the intrusion happened, and the steps that were taken after the fact. Unfortunately, intrusions like this aren’t uncommon. The video was from Oldsmar, Florida, where the sheriff, mayor, and public works manager addressed an unauthorized intrusion into their water treatment facility. However, while scrolling through my news feed this week, I stumbled on a press conference that caught my attention, and I watched it in full. By leveraging penetration testing, managed security solutions and Cyber Security Incident Response, we can help your organization become secure and meet your compliance goals.I should start by saying that I don’t typically watch small town press conferences about municipal water treatment operations. NGuard has broad experience helping to secure all types of critical infrastructure organizations, including energy. Have a strong password policy that is strictly enforced for all types of accounts. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |