Cybercriminals last used shared passwords and Windows 7 PC’s to hack into the Oldsmar, Florida water plant. According to press reports, the hackers even used the remote access program TeamViewer to carry out a rather unsophisticated attack. Officials mentioned the crooks attempted in vain to boost chemicals to dangerous levels, but the attack was stopped quickly.
The investigation agency personal said, “The cyber actors likely accessed the system by exploiting cybersecurity weaknesses, including poor password security and an outdated Windows 7 operating system to compromise software used to remotely manage water treatment.
He further added, “The actor also likely used the desktop sharing software TeamViewer to gain unauthorized access to the system.”
The plant supervisors monitoring one of the systems saw the mouse cursor moving on the screen and the dosage amount indicators changing. It was one of the hackers who took control of the system via the TeamViewer application. He was attempting to access the sensitive systems and boost lye levels by 100 times.
With timely intervention, the process was reversed immediately keeping the water treatment plant safe. Without the timely action by the plant employees, it would have taken nearly 24 to 36 hours to reverse the effects of contamination
Investigations revealed the cause of the breach was an unpatched Windows 7 system for nearly a year. Also, the system was connected directly to the internet with any proper firewall to safeguard it.
Dragos Security’s Lesley Carhart said, “We have known for a long time that municipal water utilities are extremely underfunded and under-resourced, and that makes them a soft target for cyberattacks,”
He further added water utilities have a small IT staff, also they have no dedicated security staff for the task.