Authorities thwart an attempt by a hacker to poison the water supply in a Florida town of 15,000 people.
Pinellas County’s sheriff says a hacker broke into the computer system of a facility that treats water for about 15,000 people in the town of Oldsmar near Tampa in the US state of Florida and sought to add a dangerous level of additive to the water supply.
The attempt on Friday was not successful, as the facility staff were able to thwart the hacker who had gained remote access to TeamViewer software on a facility employee’s computer to gain control of other systems, Sheriff Bob Gualtieri said in an interview.
The hacker then increased the amount of sodium hydroxide, also known as lye, being distributed into the water supply. The chemical is typically used in small amounts to control the acidity of water but is dangerous to consume at higher levels.
“The guy was sitting there monitoring the computer as he’s supposed to and all of a sudden he sees a window pop up that the computer has been accessed,” Gualtieri said. “The next thing you know someone is dragging the mouse and clicking around and opening programmes and manipulating the system.”
The plant employee alerted his employer, who called the sheriff. The water treatment facility was able to quickly reverse the command, leading to minimal impact.
‘A wake-up call’
The sheriff said the intruder was active for three to five minutes. When they exited, the plant operator immediately restored the proper chemical mix, he said.
No arrest has been made so far. The FBI and Secret Service have been called in to assist in an investigation.
Gualtieri said he does not know who is responsible for the cyberattack.
“The important thing is to put everyone on notice,” he said. “This should be a wake-up call.”
Oldsmar Mayor Eric Seidel said in a press conference on Monday that the affected water treatment facility also had other controls in place that would have prevented a dangerous amount of lye from entering the water supply unnoticed.
“The amount of sodium hydroxide that got in was minimal and was reversed quickly,” Gualtieri said. The affected water treatment facility is a public utility owned by the town, he explained, which has its own internal IT team.
Experts say municipal water and other systems are potentially easy targets for hackers because local governments’ computer infrastructure tends to be underfunded.
Robert M Lee, CEO of Dragos Security and a specialist in industrial control system vulnerabilities, said remote access to industrial control systems such as those running water treatment plants has become increasingly common.
“As industries become more digitally connected we will continue to see more states and criminals target these sites for the impact they have on society,” Lee said.
The leading cybersecurity firm FireEye attributed an uptick in hacking attempts it has seen in the last year mostly to novices seeking to learn about remotely accessible industrial systems.
Many victims appear to have been selected arbitrarily and no serious damage was caused in any of the cases – in part because of safety mechanisms and professional monitoring, FireEye analyst Daniel Kapellmann Zafra said in a statement.
“While the (Oldsmar) incident does not appear to be particularly complex, it highlights the need to strengthen the cybersecurity capabilities across the water and wastewater industry,” he said.