gasilpac.blogg.se

1. Water plant employees used same teamviewer software#
2. Water plant employees used same teamviewer code#
3. Water plant employees used same teamviewer windows 7#

The change was quickly detected and rolled back. The intruder changed the level of lye to 11,100 parts per million, a potentially fatal increase from the normal amount of 100 ppm. In the evening of the same day, an unknown actor gained unauthorized access to the computer interface used to adjust the chemicals that treat drinking water for the roughly 15,000 residents of the small city about 16 miles northwest of Tampa. One of those visits came on February 5 at 9:49 am ET from a computer on a network belonging to the City of Oldsmar. More than 1,000 end-user computers visited the site during the 58-day window that the site was infected.

Water plant employees used same teamviewer code#

The shared TeamViewer password was reported earlier by the Associated Press.Further Reading Florida water plant compromise came hours after worker visited malicious siteThe website, which belonged to a Florida water utility contractor, had been compromised in late December by hackers who then hosted malicious code that seemed to target water utilities, particularly those in Florida, Dragos researcher Kent Backman wrote in a blog post. Even if the change hadn’t been reversed, the officials said, treatment plant personnel have redundancies in place to catch dangerous conditions before water is delivered to homes and businesses. In larger doses, the chemical is a health hazard.Ĭhristopher Krebs, the former head of the Cybersecurity and Infrastructure Security Agency, reportedly told a House of Representatives Homeland Security committee on Wednesday that the breach was “very likely” the work of “a disgruntled employee.”Ĭity officials said residents were never in danger, because the change was quickly detected and reversed. Lye is used in small amounts to adjust drinking water alkalinity and remove metals and other contaminants. The person on the other end changed the amount of lye added to the water from about 100 parts per million to 11,100ppm. The breach occurred around 1:30pm, when an employee watched the mouse on his city computer moving on its own as an unknown party remotely accessed an interface that controlled the water treatment process. The lack of a firewall and a password that was the same for each employee are also signs that the department’s security regimen wasn’t as tight as it could have been.

Water plant employees used same teamviewer windows 7#

Windows 7 also provides fewer security protections than Windows 10. In January, Microsoft ended support for Windows 7, a move that ended security updates for the operating system. The revelations illustrate the lack of security rigor found inside many critical infrastructure environments.

Water plant employees used same teamviewer software#

The actor also likely used the desktop sharing software TeamViewer to gain unauthorized access to the system.Įmployees in Oldsmar’s water treatment department and city manager’s office didn’t immediately respond to phone messages seeking comment for this post. The cyber actors likely accessed the system by exploiting cyber security weaknesses including poor password security, and an outdated Windows 7 operating system to compromise software used to remotely manage water treatment. Further, all computers shared the same password for remote access and appeared to be connected directly to the Internet without any type of firewall protection installed.Ī private industry notification published by the FBI provided a similar assessment. All computers used by water plant personnel were connected to the SCADA system and used the 32-bit version of the Windows 7 operating system. The unidentified actors accessed the water treatment plant’s SCADA controls via remote access software, TeamViewer, which was installed on one of several computers the water treatment plant personnel used to conduct system status checks and to respond to alarms or any other issues that arose during the water treatment process. What’s more, the computer had no firewall installed and used a password that was shared among employees for remotely logging in to city systems with the TeamViewer application.

The tampering could have caused severe sickness or death had it not been for safeguards the city has in place.Īccording to an advisory from the state of Massachusetts, employees with the Oldsmar facility used a computer running Windows 7 to remotely access plant controls known as a SCADA-short for “supervisory control and data acquisition”-system.

After gaining remote access to a computer that controlled equipment inside the Oldsmar water treatment plant, the unknown intruder increased the amount of sodium hydroxide-a caustic chemical better known as lye-by a factor of 100. The computer intrusion happened last Friday in Oldsmar, a Florida city of about 15,000 that’s roughly 15 miles northwest of Tampa. The Florida water treatment facility whose computer system experienced a potentially hazardous computer breach last week used an unsupported version of Windows with no firewall and shared the same TeamViewer password among its employees, government officials have reported.