Breached Water Plant Employees Shared Same Password, No Firewall

by
martyb
from SoylentNews on (#5E39Y)

DannyB writes:

Breached water plant employees used the same TeamViewer password and no firewall:

The Florida water treatment facility whose computer system experienced a potentially hazardous computer breach last week used an unsupported version of Windows with no firewall and shared the same TeamViewer password among its employees, government officials have reported.

After gaining remote access [...] the unknown intruder increased the amount of sodium hydroxide-a caustic chemical better known as lye-by a factor of 100. The tampering could have caused severe sickness or death had it not been for safeguards the city has in place.

According to an advisory from the state of Massachusetts, employees with the Oldsmar facility used a computer running Windows 7 to remotely access plant controls known as a SCADA-short for supervisory control and data acquisition"-system. What's more, the computer had no firewall installed and used a password that was shared among employees for remotely logging in to city systems with the TeamViewer application.

Massachusetts officials wrote:

The unidentified actors accessed the water treatment plant's SCADA controls via remote access software, TeamViewer, which was installed on one of several computers the water treatment plant personnel used to conduct system status checks and to respond to alarms or any other issues that arose during the water treatment process. All computers used by water plant personnel were connected to the SCADA system and used the 32-bit version of the Windows 7 operating system. Further, all computers shared the same password for remote access and appeared to be connected directly to the Internet without any type of firewall protection installed.

[....] The revelations illustrate the lack of security rigor found inside many critical infrastructure environments.

It was a 32-bit computer; so they wisely had Windows 7 instead of XP.

See also:
recent SoylentNews article about this, attempt to poison the water supply of residents in Oldsmar, Forida.

Original Submission

Read more of this story at SoylentNews.

External Content
Source RSS or Atom Feed
Feed Location https://soylentnews.org/index.rss
Feed Title SoylentNews
Feed Link https://soylentnews.org/
Feed Copyright Copyright 2014, SoylentNews
Reply 0 comments