![]() ![]() On top of the above, it appears that TeamViewer hadn’t been actively used by the staff there for nearly six months. And to not have any client security, such as a local software firewall, on such a machine is IT malpractice. That is doubly so for any systems that are critical, or which have access to critical systems. Have your computer systems on operating systems that are under active support and are being patched. If you’re not in the IT space, this is base level stuff. ![]() What’s more, the computer had no firewall installed and used a password that was shared among employees for remotely logging in to city systems with the TeamViewer application. The answer, as is far too often the case, is poor security practices at the treatment plant.Īccording to an advisory from the state of Massachusetts, employees with the Oldsmar facility used a computer running Windows 7 to remotely access plant controls known as a SCADA-short for “supervisory control and data acquisition”-system. ![]() Once the dangerous part of all of this was over, attention rightfully turned to figuring out how in the world this happened. While those changes were remediated manually by onsite staff, it should be noted that this represents an outside attacker attempting to literally poison an entire city’s water supply. Chemical changes would have been detected.Fri, Feb 12th 2021 07:39pm - Timothy Geignerīy now, you have likely heard about the recent hack into a Florida water treatment plant which resulted in the attacker remotely raising the levels of sodium hydroxide to 100 times the normal level for the city’s water supply. 'It turned out that basic security measures are necessary due to this hack, but there is no need for drastic system reforms,' he said.Ī safeguard has been set up at the water treatment facility for some time, and Bob Gualtieri of the Pinellas County Sheriff's Office, who was in charge of the case, said, 'There is a grace period of more than 24 hours before water supply, and during that time. Chris Systrunk, FireEye's technical manager, said, 'Cybersecurity issues are relatively new to American water companies, and issues such as blocked water pipes and broken pipes are more important. The developer issues a statement about the damage caused by the hijacking of TeamViewer that remotely operates the PCĪccording to cybersecurity company Fire Eye, attempts to hack water treatment facilities have increased over the past year, but most are by amateurs. Team Viewer has many users all over the world, but it has a long history of being used as an attack method for hackers in each country, and Team Viewer has a security measure of 'setting a secure password that is difficult to guess'. The FBI has released similar findings, stating that 'hackers have exploited security weaknesses to access the system.' However password to use the Team Viewer is the same thing in all of PC are used, further PC is connected to leave the Internet of disabled firewall, OS of all of the PC support is the end was was 'Windows 7' It is called Ta. It is known that the status check and system control of the water treatment plant were performed through this. It turns out that the water system was hacked and there was a risk of mass poisoning of citizensĪccording to an investigation by the Massachusetts Department of Environmental Protection, which was investigating this case, the remote control software 'Team Viewer' was installed on one of the PCs of the water treatment facility where unauthorized access was made, and staff members installed this software. However, the staff immediately restored the settings and notified the authorities, and they are getting things done. As personnel monitored the system, the on-screen cursors moved to change plant settings, increasing the sodium hydroxide concentration in the clean water up to 100 times higher than normal. Hack exposes vulnerability of cash-strapped US water plantsīreached water plant employees used the same TeamViewer password and no firewall | Ars TechnicaĪn unauthorized access to the water treatment facility in question occurred around 1:30 pm on February 5, 2021, according to a statement from the Pinellas County, Florida Security Office. On February 11, 2021, when the investigation proceeded, it was reported that it was revealed that a hacker broke into a PC without a firewall and used the remote control software ' Team Viewer ' installed on the PC. Fortunately, it was discovered early and there were no victims, but the FBI and Secret Service have begun investigating it as a national security issue. ![]() On February 5, 2021, an incident occurred in which someone remotely accessed a water treatment facility in Oldsmer, Florida, and set the amount of sodium hydroxide contained in clean water to about 100 times the standard value. 17:00:00 What is the sloppy security system of a water treatment facility that was in danger of mass poisoning due to hacking? ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |