https://urgentcomm.com/wp-content/themes/ucm_child/assets/images/logo/footer-new-logo.png
  • Home
  • News
  • Multimedia
    • Back
    • Multimedia
    • Video
    • Podcasts
    • Galleries
  • Commentary
    • Back
    • Commentary
    • Urgent Matters
    • View From The Top
    • All Things IWCE
    • Legal Matters
  • Resources
    • Back
    • Resources
    • Webinars
    • White Papers
    • Reprints & Reuse
  • IWCE
    • Back
    • IWCE
    • Conference
    • Special Events
    • Exhibitor Listings
    • Premier Partners
    • Floor Plan
    • Exhibiting Information
    • Register for IWCE
  • About Us
    • Back
    • About Us
    • Contact Us
    • Advertise
    • Terms of Service
    • Privacy Statement
    • Cookies Policy
  • Related Sites
    • Back
    • American City & County
    • IWCE
    • Light Reading
    • IOT World Today
    • Mission Critical Technologies
    • Microwave/RF
    • T&D World
    • TU-Auto
  • In the field
    • Back
    • In the field
    • Broadband Push-to-X
    • Internet of Things
    • Project 25
    • Public-Safety Broadband/FirstNet
    • Virtual/Augmented Reality
    • Land Mobile Radio
    • Long Term Evolution (LTE)
    • Applications
    • Drones/Robots
    • IoT/Smart X
    • Software
    • Subscriber Devices
    • Video
  • Call Center/Command
    • Back
    • Call Center/Command
    • Artificial Intelligence
    • NG911
    • Alerting Systems
    • Analytics
    • Dispatch/Call-taking
    • Incident Command/Situational Awareness
    • Tracking, Monitoring & Control
  • Network Tech
    • Back
    • Network Tech
    • Interoperability
    • LMR 100
    • LMR 200
    • Backhaul
    • Deployables
    • Power
    • Tower & Site
    • Wireless Networks
    • Coverage/Interference
    • Security
    • System Design
    • System Installation
    • System Operation
    • Test & Measurement
  • Operations
    • Back
    • Operations
    • Critical Infrastructure
    • Enterprise
    • Federal Government/Military
    • Public Safety
    • State & Local Government
    • Training
  • Regulations
    • Back
    • Regulations
    • Narrowbanding
    • T-Band
    • Rebanding
    • TV White Spaces
    • None
    • Funding
    • Policy
    • Regional Coordination
    • Standards
  • Organizations
    • Back
    • Organizations
    • AASHTO
    • APCO
    • DHS
    • DMR Association
    • ETA
    • EWA
    • FCC
    • IWCE
    • NASEMSO
    • NATE
    • NXDN Forum
    • NENA
    • NIST/PSCR
    • NPSTC
    • NTIA/FirstNet
    • P25 TIG
    • TETRA + CCA
    • UTC
Urgent Communications
  • NEWSLETTER
  • Home
  • News
  • Multimedia
    • Back
    • Video
    • Podcasts
    • Omdia Crit Comms Circle Podcast
    • Galleries
    • IWCE’s Video Showcase
  • Commentary
    • Back
    • All Things IWCE
    • Urgent Matters
    • View From The Top
    • Legal Matters
  • Resources
    • Back
    • Webinars
    • White Papers
    • Reprints & Reuse
    • UC eZines
    • Sponsored content
  • IWCE
    • Back
    • Conference
    • Why Attend
    • Exhibitor Listing
    • Floor Plan
    • Exhibiting Information
    • Join the Event Mailing List
  • About Us
    • Back
    • About Us
    • Contact Us
    • Advertise
    • Terms of Service
    • Privacy Statement
    • Cookies Policy
  • Related Sites
    • Back
    • American City & County
    • IWCE
    • Light Reading
    • IOT World Today
    • TU-Auto
  • newsletter
  • In the field
    • Back
    • Internet of Things
    • Broadband Push-to-X
    • Project 25
    • Public-Safety Broadband/FirstNet
    • Virtual/Augmented Reality
    • Land Mobile Radio
    • Long Term Evolution (LTE)
    • Applications
    • Drones/Robots
    • IoT/Smart X
    • Software
    • Subscriber Devices
    • Video
  • Call Center/Command
    • Back
    • Artificial Intelligence
    • NG911
    • Alerting Systems
    • Analytics
    • Dispatch/Call-taking
    • Incident Command/Situational Awareness
    • Tracking, Monitoring & Control
  • Network Tech
    • Back
    • Cybersecurity
    • Interoperability
    • LMR 100
    • LMR 200
    • Backhaul
    • Deployables
    • Power
    • Tower & Site
    • Wireless Networks
    • Coverage/Interference
    • Security
    • System Design
    • System Installation
    • System Operation
    • Test & Measurement
  • Operations
    • Back
    • Critical Infrastructure
    • Enterprise
    • Federal Government/Military
    • Public Safety
    • State & Local Government
    • Training
  • Regulations
    • Back
    • Narrowbanding
    • T-Band
    • Rebanding
    • TV White Spaces
    • None
    • Funding
    • Policy
    • Regional Coordination
    • Standards
  • Organizations
    • Back
    • AASHTO
    • APCO
    • DHS
    • DMR Association
    • ETA
    • EWA
    • FCC
    • IWCE
    • NASEMSO
    • NATE
    • NXDN Forum
    • NENA
    • NIST/PSCR
    • NPSTC
    • NTIA/FirstNet
    • P25 TIG
    • TETRA + CCA
    • UTC
acc.com

Cybersecurity


News

Florida city says water system hacked, warns critical-infrastructure community

Florida city says water system hacked, warns critical-infrastructure community

  • Written by Donny Jackson
  • 10th February 2021

Critical-infrastructure systems are potential targets for cyberattacks, local Florida officials warned after a hacker last week infiltrated the computer system of a Tampa-area city’s water-treatment plant and made a potentially dangerous change to the lye level in the system that was thwarted by an alert plant operator.

Eric Seidel, mayor of Oldsmar, Fla.—a city with a population of less than 15,000—said the public was never in danger of drinking poisoned water, but he acknowledged the hack to the Oldsmar water-treatment system and emphasized the broader implication of the breach on critical-infrastructure entities.

“The important thing is to put everybody on notice,” Seidel said during a press conference Monday about the incident. “I think that’s really the purpose of today, to make sure that everyone realizes that these kind of bad actors are out there. It’s happening, so really take a hard look at what you have in place.”

Pinellas County Sheriff Bob Gualtieri echoed this sentiment.

“Because of this security breach, we are asking that all governmental entities within the Tampa Bay area with critical-infrastructure components actively review their computer-security protocols and make any updates that are consistent with the most up-to-date practices,” Gualtieri said during the press conference.

Last Friday morning, an operator at the Oldsmar water-treatment plant first noted that someone accessed the plant’s computer system, but the operator was not alarmed, because no changes were made and supervisors often checked the system via a remote-access function, Gualtieri said. But the hacker returned at about 1:30 p.m. later that day and was much more active while in the system for 3-5 minutes, changing the level of sodium hydroxide—commonly known as lye, a primary ingredient in liquid drain cleaners—to dangerous levels.

“The hacker changed the sodium hydroxide [level] from about 100 parts per million to 11,100 parts per million,” Gualtieri said. “This is obviously a significant and potentially dangerous increase.

“After the intruder increased the parts per million from 100 to 11,100, the intruder exited the system, and the plant operator immediately reduced the level back to the appropriate amount of 100. Because the operator noticed the increase and lowered it right away, at no time was there a significant effect on the water being treated. Importantly, the public was never in danger.”

Other local, state and federal agencies were notified and are helping investigate the incident, Gualtieri said. As of Monday, no suspects had been identified. Gualtieri said that officials have not determined a motive or whether the hack originated from inside the U.S.

Gualtieri said that it would have taken 24 to 36 hours before water with the high level of lye could have been distributed to the public. Seidel said that the water-treatment plant system includes safeguards within other levels of the system that would have prevented the dangerous water from being consumed by the public.

“The reality of it is that the redundancies we have in place, they work … That lye would have never made it through the process to someone’s tap,” Seidel said. “The systems are set up to catch it. But everyone should be on notice.”

Oldsmar City Manager Al Braithwaite reiterated the role that multiple alarms in the water-treatment system play in ensuring the public’s safety in this case, but he also acknowledged the concern around cyberattacks—a sentiment that has been echoed by many governments and enterprises throughout the United States.

“I think we’ve anticipated that this was coming,” Braithwaite said during the press conference, although he did not cite any other example of critical-infrastructure systems being hacked.

Braithwaite and Gualtieri both noted that the water-treatment plant has disabled the remote-access capability to the facility’s computer system.

Sivan Tehila, a cybersecurity strategist for the Israel-based cybersecurity firm Perimeter 81, said that the lack of publicly acknowledged instances of critical-infrastructure hacks in the United States does not mean that such incidents do not occur.

“I’m not very surprised that it [the Oldsmar water-treatment hack] happened, and there are many similar cases that we probably are not aware of,” Tehila said during an interview with IWCE’s Urgent Communications. “I assume it happens more often than we actually think.”

The fact that the Oldsmar hack resulted in the intrusion of infrastructure as important as the city’s water supply likely will enhance the growing awareness of cybersecurity for critical infrastructure, Tehila said.

“When it comes closer to our day-to-day life—like water, a subway or things like that—it make us much more worried,” she said. “It’s one thing if someone is getting access to your webcam and can see what you’re doing, but it’s another thing when it comes to human life.”

Tehila applauded the quick actions of the Oldsmar water-treatment operator.

“This operator who immediately recognized that there was something wrong with the [lye] level should get a nice award for that,” Tehila said. “Most analysts who are sitting in behind the screen are so overwhelmed that it is hard to decide what is a false-positive alert and what is an actual alert.

“It’s not only about the technology; it’s about the people—if they are skilled enough, if they are trained, and if they are not too tired … Many times, [enterprises] are investing in technology, but they’re not investing in the analysts or the people who sit behind the screen.”

Tehila, who has helped design security solutions for railway and air-pollution systems during her career, acknowledged the challenges facing critical-infrastructure network administrators, particularly as they try to make remote-access opportunities to employees during the COVID-19 pandemic to promote security and convenience. The age of equipment used in many critical-infrastructure systems can create difficulties when trying to integrate them with modern-day IT networks and access protocols, she said.

“One of the reasons why it is so hard to monitor this environment—because, basically, in order to monitor, you need to connect directly to the controllers of a specific system,” Tehila said. “All of these controllers usually are not advanced, so you really need to find a way to connect them and to monitor them without causing any damage.”

“There is no choice but to monitor these systems, but because of the lack of visibility, it’s really hard to identify real-time potential hacks.”

When combined with high-profile hacking issues associated with SolarWinds network-management software, ransomware at hospitals and other critical-infrastructure systems, the incident at the Oldsmar water-treatment plant could spark renewed awareness—and potentially funding—in cybersecurity efforts, according to Tehila.

“I feel like that, because of SolarWinds, we do see government take cybersecurity more seriously,” she said. “I believe that is going to help other organizations and cities get more budget for cybersecurity.

“It’s never too late. But, on the other hand, it’s never enough. It’s a space race, and that’s how it works.”

Perimeter 81 advocates that its clients use Defense in Depth and the company’s zero-trust model to implement remote-access functionality as part of its “firewall as a service” strategy, Tehila said.

“We are a creating a modern remote-access solution to replace VPNs and other legacy solutions,” Tehila said. “Basically, users can connect from everywhere to any environment. We are cloud-agnostic. Besides that, we also have an option to manage policies for the application level and the network level.”

For enterprises without a significant budget for cybersecurity, Tehila said they still can do a lot to enhance cybersecurity by following basic security guidelines that are publicly available. At some point, regulations should be considered, particularly as Internet of Things (IoT) systems are deployed that add connected devices—some with little or no security—that many fear can be exploited to access sensitive networks.

“Many people don’t like regulation, but I think regulation is a great thing, when it comes to security, because it means that companies, industry, government and organizations have to align with this regulation,” Tehila said. “It just makes us, in general, more secure.

“I hope that maybe the SolarWinds incident, all of these things that happened during COVID—like the hospitals [hit by ransomware—and this case with the water will push the regulators to actually have regulations for IoT.”

Despite the considerable cybersecurity challenges associated with modern networking, returning to an architecture with siloed systems likely is not realistic, Tehila said.

“I don’t think there is an option to go back, honestly,” Tehila said. “I think that these companies will have to deal with a new situation, and we’re just going to need to get used to the fact that we’re living in a different world. We’re going to have better technologies to protect ourselves. There will always be someone who will be able to hack that, but we are going to improve ourselves.

“I don’t see any companies today, in the new reality, that are able to not use the cloud for the specific needs of their organization. Besides that, there is no way to monitor in this environment without connecting to the Internet somehow.”

 

 

Tags: homepage-featured-4 Alerting Systems Applications Critical Infrastructure Cybersecurity Enterprise Federal Government/Military Funding Incident Command/Situational Awareness Internet of Things Interoperability IoT/Smart X News Policy Public Safety Regional Coordination Security Software State & Local Government System Design System Operation Test & Measurement Tracking, Monitoring & Control News

Most Recent


  • FCC approves order to modernize priority-service rules
    FCC commissioners yesterday voted unanimously to approve a report and order that is designed to modernize and streamline the agency’s rules for three priority-service offerings: Wireless Priority Service (WPS), the Government Emergency Telecommunications Service (GETS) and the Telecommunications Service Priority (TSP) System. All three of these services—designed for use by national-security and emergency-preparedness personnel who […]
  • Florida P25 system slated for completion in 2024, will interoperate with FirstNet
    Florida’s efforts to transition its Statewide Law-Enforcement Radio System (SLERS) from legacy EDACS to P25 technology that is augmented by FirstNet broadband service is largely on schedule, with most public-safety users having P25 devices by July, according to an official with contractor L3Harris. Keith Gaston, the SLERS account manager for L3Harris, said that all of […]
  • More Verizon changes: price hikes, departure of biz CEO Erwin
    On the same day that Bloomberg reported on Verizon’s plans to increase prices, the CEO of the company’s business unit, Tami Erwin, announced her plans to leave the company by the end of the year. The developments reflect the difficulties Verizon has been facing amid growing competition in the wireless sector and inflation in the US economy. […]
  • Canada officially gives Huawei and ZTE the boot
    Despite his frothy name, François-Philippe Champagne did not bring any sparkle for Chinese vendors waiting to hear if they would be allowed to sell products in Canada. The Canadian minister of innovation, science and industry had only disappointing news for Huawei and ZTE earlier today. From now on, neither will be allowed to serve Canadian […]

One comment

  1. Avatar GBH 10th February 2021 @ 10:50 pm
    Reply

    First Commandment of Cyber Security: Thou Shalt have no pathway of any kind from the public internet to the control system! Firewalls sell products for IT vendors but do not stop this type of thing or we wouldn’t be having this conversation.

Leave a comment Cancel reply

To leave a comment login with your Urgent Comms account:

Log in with your Urgent Comms account

Or alternatively provide your name, email address below:

Your email address will not be published. Required fields are marked *

Related Content

  • Addressing IoT security challenges from the cloud to the edge
  • Cyber risks explode with move to telehealth services
  • Electric-grid stability assailed by growing challenges
  • Fighting the rapid rise of cyber warfare in a changing world

Commentary


LTE and liability: Why the fire service must move forward with digital incident command

  • 2
6th May 2022

Partnership and collaboration must be the foundation for emergency communications

18th April 2022

FirstNet success means no hypothetical ‘shots’ need to be fired, Swenson says

22nd February 2022
view all

Events


UC Ezines


IWCE 2019 Wrap Up

13th May 2019
view all

Twitter


UrgentComm

FCC approves order to modernize priority-service rules dlvr.it/SQmSN0

20th May 2022
UrgentComm

Meet smart city goals cost-effectively dlvr.it/SQmPkr

20th May 2022
UrgentComm

Security for microwave links dlvr.it/SQmNwX

20th May 2022
UrgentComm

Florida P25 system slated for completion in 2024, will interoperate with FirstNet dlvr.it/SQm9cf

20th May 2022
UrgentComm

More Verizon changes: price hikes, departure of biz CEO Erwin dlvr.it/SQlWPT

20th May 2022
UrgentComm

Canada officially gives Huawei and ZTE the boot dlvr.it/SQlGht

20th May 2022
UrgentComm

MITRE creates framework for supply-chain security dlvr.it/SQlFjC

20th May 2022
UrgentComm

John Deere one step closer to fully autonomous farming dlvr.it/SQl7dv

20th May 2022

Newsletter

Sign up for UrgentComm’s newsletters to receive regular news and information updates about Communications and Technology.

Expert Commentary

Learn from experts about the latest technology in automation, machine-learning, big data and cybersecurity.

Business Media

Find the latest videos and media from the market leaders.

Media Kit and Advertising

Want to reach our digital and print audiences? Learn more here.

DISCOVER MORE FROM INFORMA TECH

  • American City & County
  • IWCE
  • Light Reading
  • IOT World Today
  • Mission Critical Technologies
  • Microwave/RF
  • T&D World
  • TU-Auto

WORKING WITH US

  • About Us
  • Contact Us
  • Events
  • Careers

FOLLOW Urgent Comms ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookies Policy
  • Terms
Copyright © 2022 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.
This website uses cookies, including third party ones, to allow for analysis of how people use our website in order to improve your experience and our services. By continuing to use our website, you agree to the use of such cookies. Click here for more information on our Cookie Policy and Privacy Policy.
X