Breached water plant workers used the identical TeamViewer password and no firewall

Stock photo of a water main cover.

The Florida water therapy facility whose laptop system skilled a probably hazardous laptop breach final week used an unsupported model of Home windows with no firewall and shared the identical TeamViewer password amongst its workers, authorities officers have reported.

The pc intrusion happened last Friday in Oldsmar, a Florida metropolis of about 15,000 that’s roughly 15 miles northwest of Tampa. After gaining distant entry to a pc that managed tools contained in the Oldsmar water therapy plant, the unknown intruder elevated the quantity of sodium hydroxide—a caustic chemical higher often known as lye—by an element of 100. The tampering might have induced extreme illness or demise had it not been for safeguards town has in place.

Watch out for lax safety

Based on an advisory from the state of Massachusetts, workers with the Oldsmar facility used a pc working Home windows 7 to remotely entry plant controls often known as a SCADA—brief for “supervisory management and information acquisition”—system. What’s extra, the pc had no firewall put in and used a password that was shared amongst workers for remotely logging into metropolis methods with the TeamViewer utility

Massachusetts officers wrote:

The unidentified actors accessed the water therapy plant’s SCADA controls by way of distant entry software program, TeamViewer, which was put in on one among a number of computer systems the water therapy plant personnel used to conduct system standing checks and to answer alarms or every other points that arose through the water therapy course of. All computer systems utilized by water plant personnel had been related to the SCADA system and used the 32-bit model of the Home windows 7 working system. Additional, all computer systems shared the identical password for distant entry and seemed to be related on to the Web with none sort of firewall safety put in.

A non-public trade notification revealed by the FBI offered an identical evaluation. It mentioned:

The cyber actors possible accessed the system by exploiting cyber safety weaknesses together with poor password safety, and an outdated Home windows 7 working system to compromise software program used
to remotely handle water therapy. The actor additionally possible used the desktop sharing software program TeamViewer to achieve unauthorized entry to the system.


Staff in Oldsmar’s water therapy division and metropolis supervisor’s workplace didn’t instantly reply to telephone messages in search of remark for this publish.

Sins and omissions

The revelations illustrate the dearth of safety rigor discovered inside many important infrastructure environments. In January, Microsoft ended support for Windows 7, a transfer that ended safety updates for the working system. Home windows 7 additionally gives fewer safety protections than Home windows 10. The shortage of a firewall and a password that was the identical for every worker are additionally indicators that the division’s safety routine wasn’t as tight because it might have been.

The breach occurred round 1:30pm, when an worker watched the mouse on his metropolis laptop transferring by itself as an unknown social gathering remotely accessed an interface that managed the water therapy course of. The particular person on the opposite finish modified the quantity of lye added to the water from about 100 components per million to 11,100 ppm. Lye is utilized in small quantities to regulate consuming water alkalinity and take away metals and different contaminants. In bigger doses, the chemical is a well being hazard.

Christopher Krebs, the previous head of the Cybersecurity and Infrastructure Safety Company, reportedly told a Home of Representatives Homeland Safety committee on Wednesday that the breach was “very possible” the work of “a disgruntled worker.”

Metropolis officers mentioned residents had been by no means at risk, as a result of the change was shortly detected and reversed. Even when the change hadn’t been reversed, the officers mentioned, therapy plant personnel have redundancies in place to catch harmful situations earlier than water is delivered to houses and companies.

The shared TeamViewer password was reported earlier by the Related Press.

Recent Articles

Electrician Salisbury: The Importance of Regular Electrical Maintenance

Regular electrical maintenance plays a vital role in maintaining the safety and efficiency of your home.

Function Venues Adelaide: From Historic Charm to Modern Elegance

With an abundance of options that accommodate a variety of occasions, Adelaide's function venues are particularly remarkable. Adelaide, the...

Sports Physio Adelaide: The Benefits of Sports Physio for Adelaide Athletes

Sports physiotherapy can help athletes achieve performance goals and enjoy a long, healthy sporting career. Undeniably,sports physio in Adelaidehas...

Skip Hire Adelaide: A Complete Guide to Choosing the Right Size

Choosing the correct skip size entails evaluating your waste disposal needs, estimating the amount of waste, and understanding the different skip sizes...

Bathroom Tiles Adelaide: Transforming Your Bathroom with the Top Tile Trends

The right bathroom tiles for your Adelaide home can considerably enhance the overall look and feel of your bathroom.

Related Stories

Stay on op - Ge the daily news in your inbox