FBI Issues Alert Amid Water-Treatment Hacking Investigation

"FBI Police" (CC BY 2.0) by m01229

Florida law enforcement, FBI and the Secret Service are looking for one or more suspects that attempted to add potentially caustic chemicals to a water treatment facility by remotely accessing the computer sustem at the treatment plant.

During a news conference last Monday, Pinellas County Sheriff Bob Gualtieri said that a plant operator at the Oldsmar water treatment facility prevented the hacker’s attempt on Friday to raise the amount of sodium hydroxide in the water to “dangerous levels.”

After this troubling news, federal law enforcement agencies joined forces in investigating the case. 

In a threat overview alert on Tuesday evening, the FBI said, “The FBI has observed corrupt insiders and external cyber actors using desktop sharing software to victimize targets in a range of organizations, including those in the critical infrastructure sectors.”

The threat overview from the FBI warned that TeamViewer software, which has legal uses as a desktop sharing and remote access platform, was being utilized by hackers to “exercise remote control over computer systems.” The FBI added that the remote access made it “functionally similar” to Trojan-horse style viruses that infect a computer from within and grant remote entry to hackers.

Since TeamViewer have legitimate uses and is not a virus, the FBI gave a warning that the exploitation of it could appear less suspicious to system adminstrators.

In addition to this, the bureau also warned that dated systems such as Microsoft’s Windows 7 operating system are more at risk of becoming even more vulnerable once the manufacturer stops product support. 

Due to this, authorities are recommending using multi-factor authentication, up-to-date software, strong passwords and other security measures. 

The FBI is also recommending workers to have more training in how to attempt social engineering attempts where malicious actors use false identities to persuade victims into leaking information or passwords or compromising their own systems from within.

An example of this is a hacker posing as a member of the IT Department of the company and instructing an employee to provide TeamViewer access so that they could infiltrate the system.

In the case of the Oldsmar water treatment facility, hackers allegedly obtained access to the facility’s supervisory control and data acquisition system. This software that has near-complete control over the plant.

Oldsmar is approximately 15 miles from Tampa and is home to just under 15,000 people.

Gualtieri said, “Right now, we do not have a suspect identified but we do have leads that we’re following,” He added, “We don’t know right now whether the breach originated from within the United States or outside the country. We also do not know why the Oldsmar system was targeted and we have no knowledge of any other systems being unlawfully accessed.”