Hacker attempts to poison water supply of Florida city

(Image credit: Shutterstock)

Utility plants around the world have been put on alert after a hacker managed to gain remote access to the water treatment plant of a city in Florida and briefly pump in dangerous chemicals.

According to reports, the hacker managed to make his way into a computer for the city’s water treatment system and managed to increase the amount of sodium hydroxide, also known as lye, by a factor of more than 100.

Lye is used in small amounts to control the water’s acidic content, but can wreak havoc in high quantities because of its corrosive properties. The incident could have led to a major disaster if it wasn’t for an alert supervisor who noticed the increase and immediately reduced the level of the chemical back to normal.

Remote attack

Reporting on a briefing by Pinellas County Sheriff Bob Gualtieri, the Tampa Bay Times reports that the hacker’s attempt was caught by a supervisor working remotely.

The Pinellas County Sheriff’s Office is investigating the break-in, along with the FBI and the Secret Service. However, no arrests have been made so far, and according to the report, investigators don’t yet even know whether the attacker was from within the US.

In response the city officials have disabled remote access to their systems and also assured residents that they have several other safeguards to prevent contaminated water from entering the water supply.

According to reports, Verizon detailed a similar attack on another unnamed US water facility in 2016. Even last year, there were multiple unsuccessful hacks on Israeli water supply utilities. 

Many critical systems in the US and elsewhere are run by legacy Industrial Control Systems (ICS) that weren’t designed with cybersecurity in mind. In fact, a 2020 report from CyberNews warned that hackers could exploit a new niche of widespread security vulnerabilities ushered in by the rise of the Internet of Things (IoT) to target and seize control of critical public and private infrastructure in the US. 

Via: BBC

Mayank Sharma

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’s TechRadar Pro’s expert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.