[HN Gopher] Someone attempted to poison water supply in Florida ...
___________________________________________________________________
Someone attempted to poison water supply in Florida city during
hack
Author : ilamont
Score : 48 points
Date : 2021-02-08 21:19 UTC (1 hours ago)
(HTM) web link (www.tampabay.com)
(TXT) w3m dump (www.tampabay.com)
| hoppla wrote:
| I assume water treatment plants are considered critical
| infrastructure and have regulations to prevent unauthorized
| access.
|
| Either someone messed up, or there is a resourceful attacker.
| walrus01 wrote:
| > "But at about 1:30 p.m. the same day, Gualtieri said, someone
| accessed the system again. This time, he said, the operator
| watched as someone took control of the mouse, directed it to the
| software that controls water treatment, worked inside it for
| three to five minutes and increased the amount of sodium
| hydroxide from 100 parts per million to 11,100 parts per
| million."
|
| who wants to bet this might have been as simple as improper
| usage/implementation of Teamviewer gone wrong?
|
| when dealing with persons/organizations who are not focused on
| infosec/netsec issues, given the opportunity and ability to do
| so, never underestimate the workarounds and kludges that people
| will install to "make their job easier", such as putting
| teamviewer on control system PCs running water systems.
| pengaru wrote:
| RDP exposed on municipal water control systems? are you fucking
| kidding me?
| sithadmin wrote:
| Jives with my experiences working in consulting and on the
| vendor side of things, honestly. Systems that don't have any
| practical need for air gaps always seem to be air-gapped, and
| systems that probably should be air-gapped often aren't.
| helios_invictus wrote:
| Not the first time I've seen something like this.
| beervirus wrote:
| Dup of this submission:
| https://news.ycombinator.com/item?id=26070262
___________________________________________________________________
(page generated 2021-02-08 23:01 UTC)