The FBI and the US Secret Service are investigating a cyberattack on February 5th that tried to poison a Florida water supply plant. 🔎
According to Ryan Naraine's article in SecurityWeek, the attacker remotely connected to the plant's HMI and altered the sodium hydroxide levels by a factor of 100. 🖥
One operator on duty identified the remote access and the action and restored the normal levels. If not stopped, this cybercriminal could have harmed a population of 15000, and it would have taken 2 or 3 days to restore the water supply to normal levels of Sodium Hydroxide. 🛡
This case, and others targeting critical infrastructure for public safety, makes me think about the need to issue legislation classifying them as acts of terrorism. 💣
Thinking about how to prevent them raises some questions:
Would a security audit and penetration tests have identified a vulnerability in the remote access and issued a recommendation to fix it? 🔍
Would the use of multi-factor and strong authentication methods have secured remote accesses and avoided this attack? 🔐
Can you add in the comments some more measures to prevent attacks like this? 🙋‍♀️

Links:
Ryan Naraine's article: https://www.securityweek.com/remote-hacker-caught-poisoning-florida-city-water-supply
LinkedIn post and comments: https://www.linkedin.com/posts/juanjomartinezpagan_otsecurity-cybersecurity-authentication-activity-6764825782876442624-jtbe