Today, the ability of cybercriminals or ‘hackers’ to wreak havoc on public health in real time from a virtual environment is a documented fact. In much of the developed world, data and data systems for the top tiers of government, as well as mundane things such as the public water supply, are located online.
The reliance on the internet clearly puts the safety and integrity of these systems at risk, making them a convenient target for sabotage. In yet another example of a cybercriminal attack on public health, an investigation to find the hacker who breached Florida’s water supply is still underway. The breach took place over the Super Bowl weekend.
Details About The Hack
On Monday, Pinellas County Sheriff Bob Gualtieri, Mayor Eric Seidel of the City of Oldsmar, and City Manager Al Braithwaite held a joint press conference where they reported an “unlawful intrusion to the City of Oldsmar’s water treatment plant system.”
According to the officials, “someone” breached the computer system of the water treatment plant in Oldsmar, Florida. The “bad actor”, as the Mayor put it, gained unauthorized access to the plant’s systems (which serve 15,000 citizens) and attempted to increase the level of a certain chemical.
Authorities stated that a plant operator noticed unusual activity while at work on Friday morning. The operator noted that someone was controlling the mouse on-screen and accessing the functions.
The most shocking activity that the plant operator noticed was that the hacker increased the amount of sodium hydroxide in the water supply (a necessary chemical in small amounts) by a factor of 100. The normal sodium hydroxide concentration for this process is 100 parts per million, which was increased to 11,100 parts per million. According to the CDC (Centers for Disease Control), such an increase in this chemical can cause severe health issues such as abdominal pain, vomiting, heart problems, and even death.
The Outcome of The Breach
Luckily, the plant operator was present and aware of what was unfolding on-screen at the time. Following the breach, the operator “immediately reduced” the levels of sodium hydroxide to normal levels. Furthermore, the plant operator believed that it was his supervisor remotely accessing the computer system, and as a result, did not suspect that this was a sabotage attempt.
Following the breach, the “remote access program” to the water system was temporarily disabled. The good news is that County Sheriff Bob Gualtieri confirmed that the public was never in any danger from the hack.
The Investigation is Ongoing
The investigation into the Oldsmar water system hack is still ongoing, and Florida Senator Marco Rubio emphasized that this is now a matter of national security. A similar breach had taken place in 2016, when a security report from Verizon mentioned another water facility attack.
It is still unclear to authorities and intelligence services whether the hack was orchestrated from within the United States or not. Robert M. Lee, CEO of Dragos Inc. (an industrial cybersecurity company), said that attacks of this nature worry industry experts. He added that this particular attack was not “particularly sophisticated” but is a serious concern nonetheless.
The County Sheriff also stated that if the sabotage had been successful, it would have taken at least 24 hours for the water to be contaminated, and that even then additional security checkpoints would have detected an anomaly.
Industrial Cybersecurity at Risk
Today, it is clear that cybercriminals are practicing heinous industrial sabotage. Cybersecurity experts have been warning for a long time that ‘critical infrastructure’ is at risk of cybercrime. Critical infrastructure by definition includes transport, nuclear plants, electricity, water, and all other national networks of systems necessary for daily life.
Industrial cybersecurity issues are nothing new and are most often due to political tension. Attacks on everything from energy and electricity to water systems have taken place in countries such as Israel, Iran, Ukraine, and the United States. It is usually a long process to uncover who is behind critical infrastructure attacks, but it can be anyone from an angry employee to a nation-state.
Critical infrastructure systems that run out-of-date software and have other vulnerabilities need attention in order to keep up with sophisticated attacks in the future. Breaches such as this one are easier for a cybercriminal to carry out because of the small scope of the facility. Regarding this case, Oldsmar Mayor Eric Seidel stated: “This is kind of bad. Actors are out there, it’s happening.”