It has been reported, the possibility of a severe Florida cyberattack that could have fallen victim to a hackers attack earlier this week resulting in lethal contamination of water plant in Oldsmar, Florida.
According to sources, the water plant used several old and dated Windows systems to oversee the facility, and that all of the systems were apparently sharing the same password to access an out of use remote management system version of the water plant.
Since investigations are still underway whether the aforementioned factors could have helped the hackers attack the Florida water plant is yet to be confirmed.
However, the possibilities of this severe Florida cyberattack shed light on the inferior cybersecurity health of the plant whose sudden cyber hazard has alerted the nation’s liability to industrial cyberattacks.
Traces of dated software:
Based on the regional authorities’ statements, the hackers obtained unauthorized access to the facility’s control systems via an unused remote access software called TeamViewer that was present on their system.
They stated that the TeamViewer software was installed on one of the many devices that the facility’s staff used to regulate system status inspections and to respond to alarms or other technical difficulties that came up during the water treatment process.
Reportedly, a Google Chrome software product had been deployed across the facility’s systems for remote access six months prior, thus replacing the TeamViewer software. The statement could promote additional questions about why the pre-existing and outdated software was not entirely wiped from their systems.
Statements from Teamviewer spokesperson suggest that no evidence of dubious operations was discovered in prompt investigations on the systems of Teamviewer.
“TeamViewer is actively used by global customers of the service and has more than 550,000 paid subscribers”, reports Teamviewer.
Poisoning Florida Water Supply:
As for the details,
Florida cyberattack, hackers were attempting to raise the sodium hydroxide levels of the water supply which experts informed can be extremely lethal in higher concentrations.
Fortunately, early discoveries and investigations prevented the affairs from getting severe.
The outdated device that was actively utilized by the plant’s system was the 32-bit version of Windows 7, released back in 2009 was initially suspected to have been exploited.
Investigators say that since all the computers were sharing the same password for remote access, anybody could log in and a person just needed to know how to operate the systems so as to tamper with the industrial controls and in this case, potentially poison the entire city of Florida.
“The computer systems had appeared to be directly connected to the internet without any type of firewall protection installed” state investigators, “and hence the hacker or hackers did not exploit any vulnerabilities of the operating system but the weakness of the old remote control software i.e. TeamViewer which was exposed to the internet.”
Cybersecurity experts have described the incident as a wake-up call. Any organization with these levels of internet-dependent systems should have multiple layers of cybersecurity protections deployed to maintain healthy data privacy and cybersecurity environments.
Especially in our routines of the “new normal” where everyone, from individuals to organizations, has integrated digital systems on such basic yet large levels.