Water supply hack highlights vulnerability to cyberattacks
A HACKER broke into a Florida town’s water supply and tried to poison it with caustic soda.
The incident was reported last week when a plant operator at a water treatment facility in Oldsmar, Florida, noticed his mouse dash around his screen. For three to five minutes, police said, he tracked the arrow as it clicked open one software function after another until it finally landed on the controls to the water’s levels of sodium hydroxide, also known as caustic sode or lye.
Then, he watched the hacker who’d taken control of the system raise the levels of sodium hydroxide more than 100-fold, according to police – a hazardous level that could sicken residents and corrode pipes.
The operator was able to quickly fix the levels moments after the hack, police said. “At no time was there a significant adverse effect on the water being treated,” Pinellas County Sheriff Bob Gualtieri said.
“Importantly, the public was never in danger.”
But the near-miss incident was the latest alarming sign that critical infrastructure in America is vulnerable to cyberattacks.
In July last year, the Cybersecurity and Infrastructure Security Agency warned that infrastructure such as water and power plants, emergency services and transportation systems make “attractive targets for foreign powers attempting to do harm to US interests or retaliate for perceived US aggression”.
Since the beginning of the coronavirus pandemic, hospitals nationwide have seen a surge in cyberattacks. In December, it was revealed that Russian hacking groups were behind massive breaches at the US
Treasury and Commerce departments.
In a tweet, Florida Senator Marco Rubio said he was asking the FBI to “provide all assistance necessary” in the investigation into the Oldsmar attack.
“This should be treated as a matter of national security,” he wrote.
In Oldsmar, a city northwest of Tampa with about 15,000 residents, a plant operator first noticed someone remotely accessing the computer system at around 8am on Friday. The employee didn’t think much of it, Mr Gualtieri said, because supervisors commonly used TeamViewer software to “monitor the system”.
TeamViewer spokesman Patrick Pickhan said the company was aware of reports of the hack and was “monitoring the situation”. He condemned “any malicious behaviour” on its software. (© Washington Post)
DR ANTHONY FAUCI, director of the US National Institute of Allergy and Infectious Diseases, issued a warning on February 8: “It is possible the UK variant will become the dominant strain of the virus in the US by March.”
At the same time, Dr Rochelle Walensky, director of the US Centres for Disease
Control and Prevention, said in a public statement: “I would really encourage people not to travel. There’s more gathering that happens at airports.”
Only an absolute fool would ignore these serious warnings from these internationally respected specialists in infectious diseases. Declan Foley
Berwick, Australia