[ad_1]
The Florida water treatment facility whose computer system suffered a potentially dangerous computer breach last week used an unsupported version of Windows without a firewall and shared the same TeamViewer password among its employees, government officials reported.
The computer intrusion happened last Friday in Oldsmar, a Florida city of about 15,000 people located about 15 miles northwest of Tampa. After gaining remote access to a computer that controlled the equipment inside the Oldsmar sewage plant, the unknown intruder increased the amount of sodium hydroxide – a better caustic chemical – 100 times known as laundry -. without the guarantees that the city has put in place.
Beware of lax security
According to a notice from the state of Massachusetts, employees at the Oldsmar site used a computer running Windows 7 to remotely access plant controls, known as the SCADA system – short for “supervisory control and data acquisition ‘- system. Additionally, the computer did not have a firewall installed and used a password shared among employees to remotely connect to city systems with the TeamViewer app.
Massachusetts officials wrote:
Unidentified actors accessed the SCADA controls of the water treatment plant through remote access software, TeamViewer, which was installed on one of the many computers used by the water treatment plant staff. to perform system status checks and to respond to alarms or any other problem that occurs during the water. treatment process. All computers used by water plant personnel were connected to the SCADA system and used the 32-bit version of the Windows 7 operating system. In addition, all computers shared the same password for access to remotely and appeared to be connected directly to the internet without any type of firewall installed.
A private sector notice issued by the FBI provided a similar assessment. It said:
Cyber actors probably entered the system by exploiting weaknesses in cybersecurity, including poor password security and an outdated Windows 7 operating system to compromise the software in use.
to remotely manage water treatment. The actor also likely used TeamViewer desktop sharing software to gain unauthorized access to the system.
FBI
Employees of the Oldsmar Water Treatment Department and the Town Manager’s Office did not immediately respond to phone messages seeking comment on the post.
Sins and omissions
The revelations illustrate the lack of security rigor in many critical infrastructure environments. In January, Microsoft ended support for Windows 7, a move that ended security updates for the operating system. Windows 7 also offers less security protections than Windows 10. The lack of a firewall and identical password for every employee are also signs that the department’s security regime was not as strict. than it could have been.
The breach occurred around 1:30 p.m., when an employee watched his city’s computer mouse move on its own as an unknown person remotely accessed an interface controlling the processing process of the water. The person on the other end changed the amount of lye added to the water from about 100 parts per million to 11,100 ppm. Lye is used in small amounts to adjust the alkalinity of drinking water and remove metals and other contaminants. At higher doses, the chemical presents a health hazard.
Christopher Krebs, former head of the Cybersecurity and Infrastructure Security Agency, would have said On Wednesday, a House of Representatives internal security committee said the violation was “very likely” the work of a “disgruntled employee.”
City officials said residents were never in danger as the change was quickly detected and reversed. Even though the change had not been reversed, officials said, treatment plant staff have redundancies in place to catch unsafe conditions before water is delivered to homes and businesses.
The shared TeamViewer password was reported earlier by the Associated Press.
[ad_2]
Source link