ALL NEWS

In Florida city, hackers try to poison the drinking water

Feb 9, 2021, 5:30 AM
In this screen shot from a YouTube video posted by the Pinellas County Sheriff's Office, Pinellas C...
In this screen shot from a YouTube video posted by the Pinellas County Sheriff's Office, Pinellas County Sheriff Bob Gualtieri speaks during a news conference as Oldsmar, Fla., Mayor Eric Seidel, left, listens, Monday, Feb. 8, 2021, in Oldsmar, Fla. Authorities say a hacker gained access to Oldsmar's water treatment plant in an unsuccessful attempt to taint the water supply with a caustic chemical. (Pinellas County Sheriff's Office via AP)
(Pinellas County Sheriff's Office via AP)

A hacker gained unauthorized entry to the system controlling the water treatment plant of a Florida city of 15,000 and tried to taint the water supply with a caustic chemical, exposing a danger cybersecurity experts say has grown as systems become both more computerized and accessible via the internet.

The hacker who breached the system at the city of Oldsmar’s water treatment plant on Friday using a remote access program shared by plant workers briefly increased the amount of sodium hydroxide by a factor of one hundred (from 100 parts per million to 11,100 parts per million), Pinellas County Sheriff Bob Gualtieri said during a news conference Monday.

Sodium hydroxide, also called lye, is used to treat water acidity but the compound is also found in cleaning supplies such as soaps and drain cleaners. It can cause irritation, burns and other complications in larger quantities.

Fortunately, a supervisor saw the chemical being tampered with — as a mouse controlled by the intruder moved across the screen changing settings — and was able to intervene and immediately reverse it, Gualtieri said. Oldsmar is about 15 miles (25 kilometers) northwest of Tampa.

Gualtieri said the public was never in danger.

But he did say the intruder took “the sodium hydroxide up to dangerous levels.”

Oldsmar officials have since disabled the remote-access system, and say other safeguards were in place to prevent the increased chemical from getting into the water. Officials warned other city leaders in the region — which was hosting the Super Bowl — about the incident and suggested they check their systems.

Experts say municipal water and other systems have the potential to be easy targets for hackers because local governments’ computer infrastructure tends to be underfunded.

Robert M. Lee, CEO of Dragos Security, and a specialist in industrial control system vulnerabilities, said remote access to industrial control systems such as those running water treatment plants has become increasingly common.

“As industries become more digitally connected we will continue to see more states and criminals target these sites for the impact they have on society,” Lee said.

The leading cybersecurity firm FireEye attributed an uptick in hacking attempts it has seen in the last year mostly to novices seeking to learn about remotely accessible industrial systems. Many victims appear to have been selected arbitrarily and no serious damage was caused in any of the cases — in part because of safety mechanisms and professional monitoring, FireEye analyst Daniel Kapellmann Zafra said in a statement.

“While the (Oldsmar) incident does not appear to be particularly complex, it highlights the need to strengthen the cybersecurity capabilities across the water and wastewater industry,” he said.

What concerns experts most is the potential for state-backed hackers intent on doing serious harm targeting water supplies, power grids and other vital services.

In May, Israel’s cyber chief s aid the country had thwarted a major cyber attack a month earlier against its water systems, an assault widely attributed to its archenemy Iran. Had Israel not detected the attack in real time, he said chlorine or other chemicals could have entered the water, leading to a “disastrous” outcome.

Tarah Wheeler, a Harvard Cybersecurity Fellow, said communities should take every precaution possible when using remote access technology on something as critical as a water supply.

“The systems administrators in charge of major civilian infrastructure like a water treatment facility should be securing that plant like they’re securing the water in their own kitchens,” Wheeler told the Associated Press via email. “Sometimes when people set up local networks, they don’t understand the danger of an improperly configured and secured series of internet-connected devices.”

A plant worker first noticed the unusual activity at around 8 a.m. Friday when someone briefly accessed the system but thought little of it because co-workers regularly accessed the system remotely, Gualtieri told reporters. But at about 1:30 p.m., someone accessed it again, took control of the mouse, directed it to the software that controls water treatment and increased the amount of sodium hydroxide.

The sheriff said the intruder was active for three to five minutes. When they exited, the plant operator immediately restored the proper chemical mix, he said.

Other safeguards in place — including manual monitoring — likely would have caught the change in the 24 to 36 hours it took before it reached the water supply, the sheriff said.

Investigators said it wasn’t immediately clear where the attack came from — whether the hacker was domestic or foreign. The FBI, along with the Secret Service and the Pinellas County Sheriff’s Office are investigating the case.

Russian state-backed hackers have in recent years penetrated some U.S. industrial control systems, including the power grid and manufacturing plants while Iranian hackers were caught seizing control of a suburban New York dam in 2013. In no case was damage inflicted but officials say they believe the foreign adversaries have planted software boobytraps that could be activated in an armed conflict.

—-

Bajak reported from Boston.

We want to hear from you.

Have a story idea or tip? Send it to the KSL NewsRadio team here.

Today’s Top Stories

All News

The main reason small businesses fail in America is that the business owner doesn't have access to ...
Simone Seikaly

Lack of access stands between Black-owned businesses and success

But lack of access to money isn't the only thing that hinders Black-owned business in Utah and across the nation.
18 hours ago
More Americans are struggling to pay their energy bills.  Nearly 1.5 million more U.S. households ...
Curt Gresseth

Cost of heating homes in Utah rising as thermometer sinks

The cost of heating a home in Utah is rising because demand has increased and the drought in the West has cut into production.
18 hours ago
Friday, February 3 at noon, don't miss a special hour with KSL's BYU Insider Mitch Harper....
Ike Yospe

BYU Big 12 Preview Special

Friday, February 3 at noon, don't miss a special hour with KSL's BYU Insider Mitch Harper.
18 hours ago
Shots were reportedly fired in the parking lot of Taylorsville High School on Thursday afternoon, l...
BY MADISON SWENSON, KSL TV

Teen arrested for firing shots in Taylorsville High parking lot

A 17-year-old boy was arrested in connection to the shots fired last week in the parking lot of Taylorsville High School.
18 hours ago
Mr. Murphy, a basset posing as a bee, leans in to get a sniff of 5-year-old Alex Schilling during t...
Elizabeth Weiler

Humane Society of Utah says shelters are full, adoptions are needed

The Humane Society of Utah says their shelters are filling up, especially with large breed dogs and puppies.
18 hours ago
amber alert...
Adam Small

Suspect in Layton Amber Alert charged

LAYTON, Utah– Prosecutors in Davis County have officially filed charges against a man suspected of kidnapping a 13-year-old boy, which prompted police to send out an Amber Alert in December. New charging documents allege Aaron Michael Zeman, 26, also known as Tadashi Kojima, had been communicating with the 13-year-old Layton boy as far back as […]
18 hours ago

Sponsored Articles

Banner with Cervical Cancer Awareness Realistic Ribbon...
Intermountain Health

Five Common Causes of Cervical Cancer – and What You Can Do to Lower Your Risk

January is National Cervical Cancer Awareness month and cancer experts at Intermountain Health are working to educate women about cervical cancer, the tests that can warn women about potential cancer, and the importance of vaccination.
Kid holding a cisco fish at winterfest...
Bear Lake Convention and Visitors Bureau

Get Ready for Fun at the 2023 Bear Lake Monster Winterfest

The Bear Lake Monster Winterfest is an annual weekend event jam-packed full of fun activities the whole family can enjoy. This year the event will be held from January 27-29 at the Utah Bear Lake State Park Marina and Sunrise Resort and Event Center in Garden City, Utah. 
happy friends with sparklers at christmas dinner...
Macey's

15 Easy Christmas Dinner Ideas

We’ve scoured the web for you and narrowed down a few of our favorite Christmas dinner ideas to make your planning easy. Choose from the dishes we’ve highlighted to plan your meal or start brainstorming your own meal plan a couple of weeks before to make sure you have time to shop and prepare.
Spicy Homemade Loaded Taters Tots...
Macey's

5 Game Day Snacks for the Whole Family (with recipes!)

Try these game day snacks to make watching football at home with your family feel like a special occasion. 
Happy joyful smiling casual satisfied woman learning and communicates in sign language online using...
Sorenson

The Best Tools for Deaf and Hard-of-Hearing Workplace Success

Here are some of the best resources to make your workplace work better for Deaf and hard-of-hearing employees.
Team supporters celebrating at a tailgate party...
Macey's

8 Delicious Tailgate Foods That Require Zero Prep Work

In a hurry? These 8 tailgate foods take zero prep work, so you can fuel up and get back to what matters most: getting hyped for your favorite
In Florida city, hackers try to poison the drinking water