• Elena Contreras Saura

Are we sufficiently aware of the importance of OT security?

The FBI and the US secret service are investigating a cyberattack on February 5th trying to poison a Florida water supply plant. ūüĒé

According to Ryan Naraine's article in SecurityWeek, the attacker remotely connected to the plant HMI and altered the Sodium Hydroxide levels by a factor of 100. ūüĖ•

One operator on duty identified the remote access and the action and restored the normal levels. If not stopped, this cybercriminal could have harmed a population of 15000, and it would have taken 2 or 3 days to restore the water supply to normal levels of Sodium Hydroxide. ūüõ°

This case, and others targetting critical infrastructure for public safety, makes me think about the need to issue legislation classifying them as acts as terrorisms. ūüí£

And thinking about how to prevent them, it raises some questions:

Would a security audit and penetration tests have identified a vulnerability in the remote access and issued a recommendation to fix it? ūüĒć

Would the use of multi-factor and strong authentication methods have secured remote accesses and avoided this attack? ūüĒź

Can you add in the comments some more measures to prevent attacks like this? ūüôč‚Äć‚ôÄÔłŹ Links: Ryan Naraine's article: https://www.securityweek.com/remote-hacker-caught-poisoning-florida-city-water-supply

LinkedIn post and comments: https://www.linkedin.com/posts/juanjomartinezpagan_otsecurity-cybersecurity-authentication-activity-6764825782876442624-jtbe

2 vistas0 comentarios

Entradas Recientes

Ver todo