Today in data breaches
Posted: Thu Jan 28, 2021 6:02 pm
That being said, this one just looks like incompetent IT.
A water-treatment plant in Oldsmar, Fla., was hacked, and the intruder briefly increased the amount of lye used to treat water to a dangerous level, authorities said Monday.
A plant operator noticed the alteration Friday and immediately reversed it, avoiding adverse effects on the city’s water supply. But the breach highlights the exposure of utilities to cyberattacks.
“Water systems, like other public utility systems, are part of the nation’s critical infrastructure and can be vulnerable targets when someone desires to adversely affect public safety,” said Pinellas County Sheriff Bob Gualtieri at a news conference Monday about the incident.
The hacking began on Friday morning at the plant in Oldsmar, a city of about 15,000 people in the Tampa Bay area, Sheriff Gualtieri said. Around 8 a.m., a plant operator noticed that someone remotely accessed a computer system he was monitoring that controls chemicals used to treat water as well as other functions. The computer system has a software program that allows authorized users to access it remotely.
The intruder got into the utility’s industrial control-system through TeamViewer, a tool that allows engineers to monitor and repair computers and network machines, Sheriff Gualtieri said in an interview. Though the utility had switched to a different tool six months ago, he said, the TeamViewer program remained in place but unused, providing the door through which the intruder entered and gained full access to the system.
The intrusion was brief, and the operator didn’t think much of it because his supervisor and others remotely access his computer screen to monitor the system, Sheriff Gualtieri said at the news conference. Then at around 1:30 p.m. Friday, someone again entered the system remotely. A plant operator observed the intruder opening various software functions that control the water being treated in the system, the sheriff said.
That was my first thought when I saw the story.
So far, hack descriptors such as “crazy huge,” “astronomical,” and “unusually aggressive” seem to be right on the money. As a result of Exchange vulnerabilities, it is likely that tens of thousands of U.S.-based entities have had malicious backdoors implanted in their systems. Anonymous sources close to the Microsoft investigation have repeatedly told press outlets that somewhere around 30,000 American organizations have been compromised as a result of the security flaws (if correct, these numbers officially dwarf SolarWinds, which led to the compromise of about 18,000 entities domestically and nine federal agencies, according to the White House). The number of compromised entities worldwide could be much larger. A source recently told Bloomberg that there are “at least 60,000 known victims globally.”
Listen, I'm on board with the feds demanding better cybersecurity for pretty much every industry. However, I don't want the feds dictating what those standards should be, nor do I want the corporations deciding. Create an advisory board made up of industry professionals from actual security companies (like DDI) and let them figure it out.
So, how do we stop cyberattacks? The answer may be for the U.S. government to step in and mandate cybersecurity standards for the nation’s most crucial companies
I await the drone strikes.
Leisher wrote (Fri Jun 04, 2021 10:41 am):
Feds will start treating ransomware as same priority as terrorism.