[ad_1]
By now, you’ve probably heard the theoretically scary story of how hackers managed to infiltrate the computer systems of a water treatment plant in Oldsmar, Florida and remotely control water levels. chemicals – but it turns out that description gives hackers far far too much credit.
Reality? The wastewater treatment plant himself left the remote control software on the shelf on these critical computers – and apparently never, ever bothered to change the password.
An official cybersecurity advisory on the incident from the state of Massachusetts (via Ars Technica) explains that the SCADA control system was accessed through TeamViewer, the type of remote desktop application an IT administrator might deploy to remotely troubleshoot computers – not something you would typically want connected to a critical system. More importantly, and here I will simply quote the Massachusetts report verbatim:
Additionally, all of the computers shared the same password for remote access and appeared to be connected directly to the internet without any type of firewall installed.
Yes, just like the Florida Department of Health, this Florida water treatment plant apparently didn’t bother to issue individual passwords for software that could give anyone full access to it. ‘one of their computers and their water treatment system.
In other words, any employee could adjust the city-wide water supply on a whim from anywhere in the world. What Likely What Happened: Former US Cyber Security Czar Christopher Krebs testified earlier today that it was “most likely” an insider, perhaps a disgruntled employee. Someone who would already have access, which would not be a “hack” at all.
In subsequent remarks, @C_C_Krebs clarifies: “It is possible that it is an insider or a disgruntled employee. It is also possible that it is a foreign actor.” … But “we must not jump to the conclusion that he is a sophisticated adversary”.
– Ellen Nakashima (@nakashimae) February 10, 2021
By the way, it’s not like the water treatment plant uses this software: Pinellas County Sheriff Bob Gualtieri said the plant actually stopped using TeamViewer six months ago. , according to The Wall Street Journal, but always left it installed.
It should probably go without saying that you shouldn’t leave critical public infrastructure easily accessible from anywhere in the world, but the FBI is saying so anyway, according to ZDNet; the agency sent an alert today warning about TeamViewer, bad passwords and Windows 7, which Microsoft no longer supports with security updates but the water treatment plant was still installed.
Unfortunately, reports on Vice and Cyberscoop suggest that lax security (including TeamViewer in particular) and aging infrastructure is all too common in small utilities, which may not have the budget, expertise or even the ability to monitor their own security systems, at instead, often entrust them to third parties.
The good news is that a factory operator quickly noticed the intrusion, reversed it, and it looks like no one was hurt.
[ad_2]
Source link