[BreachExchange] Hacker Increased Chemical Level In Florida City’s Water System

Destry Winant destry at riskbasedsecurity.com
Tue Feb 9 11:03:56 EST 2021


https://www.techworm.net/2021/02/hacker-chemical-florida-city-water-system.html

Hackers on Friday gained unauthorized entry into the computer system
controlling a water treatment facility in the city of Oldsmar, Florida
and sought to add a “dangerous level” of additive to the water supply,
according to a report from the Tampa Bay Times.

The incident first took place on February 5th at Oldsmar’s water
treatment facility when around 8 a.m. a plant operator noticed someone
remotely accessing the computer system he was monitoring. This system
is responsible for controlling the chemicals and other operations of
the water treatment plant.

Since the computers are set up for allowing remote access to
supervisors to troubleshoot from different locations, the operator did
not think much of the incident. However, it happened again that
afternoon at about 1:30 p.m., as the operator could see someone taking
control of the mouse and opening various software functions that
control the water treatment.

The hacker spent around five minutes in the system and briefly
increased the amount of sodium hydroxide, also known as lye, in the
water from 100 parts per million to 11,100 parts per million. After
the second attempt, the plant operator at the water supply plant
immediately reset the levels of sodium hydroxide to normal.

“This is obviously a significant and potentially dangerous increase
sodium hydroxide also known as lye is the main ingredient in drain
cleaners. It’s also used to control water acidity and remove metals
from drinking water,” Pinellas County Sheriff Bob Gualtieri said
during a news conference on Monday.

“In these mega quantities, it’s a caustic substance. I’m not a
chemist, but it is the primary ingredient in liquid drain cleaners.
It’s lye. I want to stress, it would have been caught. But if you want
to put that amount of substance in the drinking water, it’s not a good
thing. The amount of sodium hydroxide that got in was minimal and was
reversed quickly.”

Oldsmar Officials said other safeguards in place to prevent the
increased chemical would have likely caught the change before it was
released to the public.

Gualtieri added, “At no time was there a significant adverse effect on
the water being treated. Importantly, the public was never in danger.
Even if the plant operator had not quickly reversed the increased
amount of sodium hydroxide, it would’ve taken between 24 and 36 hours
for that water to hit the water supply system.”

The Oldsmar plant supplies water to businesses and about 15,000
residents. Oldsmar officials have since temporarily disabled remote
access programme to the water system.

The FBI along with the Secret Service and the Pinellas County
Sheriff’s Office are trying to determine who is behind the hack.
Gualtieri said he does not know who is responsible for the
cyberattack.

“The important thing is to put everyone on notice. Obviously, these
investigations are very complicated. We don’t know right now if the
breach originated within the United States, or outside the country. We
also do not know why the Oldsmar system was targeted and we have no
knowledge of any other systems being unlawfully accessed,” Gualtieri
added.


More information about the BreachExchange mailing list