top of page
Foto del escritorElena Contreras Saura

Are we sufficiently aware of the importance of OT security?

The FBI and the US secret service are investigating a cyberattack on February 5th trying to poison a Florida water supply plant. 🔎


According to Ryan Naraine's article in SecurityWeek, the attacker remotely connected to the plant HMI and altered the Sodium Hydroxide levels by a factor of 100. 🖥


One operator on duty identified the remote access and the action and restored the normal levels. If not stopped, this cybercriminal could have harmed a population of 15000, and it would have taken 2 or 3 days to restore the water supply to normal levels of Sodium Hydroxide. 🛡


This case, and others targetting critical infrastructure for public safety, makes me think about the need to issue legislation classifying them as acts as terrorisms. 💣


And thinking about how to prevent them, it raises some questions:


Would a security audit and penetration tests have identified a vulnerability in the remote access and issued a recommendation to fix it? 🔍


Would the use of multi-factor and strong authentication methods have secured remote accesses and avoided this attack? 🔐


Can you add in the comments some more measures to prevent attacks like this? 🙋‍♀️ Links: Ryan Naraine's article: https://www.securityweek.com/remote-hacker-caught-poisoning-florida-city-water-supply


2 visualizaciones0 comentarios

Comentários


bottom of page