https://urgentcomm.com/wp-content/themes/ucm_child/assets/images/logo/footer-new-logo.png
  • Home
  • News
  • Multimedia
    • Back
    • Multimedia
    • Video
    • Podcasts
    • Galleries
  • Commentary
    • Back
    • Commentary
    • Urgent Matters
    • View From The Top
    • All Things IWCE
    • Legal Matters
  • Resources
    • Back
    • Resources
    • Webinars
    • White Papers
    • Reprints & Reuse
  • IWCE
    • Back
    • IWCE
    • Conference
    • Special Events
    • Exhibitor Listings
    • Premier Partners
    • Floor Plan
    • Exhibiting Information
    • Register for IWCE
  • About Us
    • Back
    • About Us
    • Contact Us
    • Advertise
    • Terms of Service
    • Privacy Statement
    • Cookies Policy
  • Related Sites
    • Back
    • American City & County
    • IWCE
    • Light Reading
    • IOT World Today
    • Mission Critical Technologies
    • Microwave/RF
    • T&D World
    • TU-Auto
  • In the field
    • Back
    • In the field
    • Broadband Push-to-X
    • Internet of Things
    • Project 25
    • Public-Safety Broadband/FirstNet
    • Virtual/Augmented Reality
    • Land Mobile Radio
    • Long Term Evolution (LTE)
    • Applications
    • Drones/Robots
    • IoT/Smart X
    • Software
    • Subscriber Devices
    • Video
  • Call Center/Command
    • Back
    • Call Center/Command
    • Artificial Intelligence
    • NG911
    • Alerting Systems
    • Analytics
    • Dispatch/Call-taking
    • Incident Command/Situational Awareness
    • Tracking, Monitoring & Control
  • Network Tech
    • Back
    • Network Tech
    • Interoperability
    • LMR 100
    • LMR 200
    • Backhaul
    • Deployables
    • Power
    • Tower & Site
    • Wireless Networks
    • Coverage/Interference
    • Security
    • System Design
    • System Installation
    • System Operation
    • Test & Measurement
  • Operations
    • Back
    • Operations
    • Critical Infrastructure
    • Enterprise
    • Federal Government/Military
    • Public Safety
    • State & Local Government
    • Training
  • Regulations
    • Back
    • Regulations
    • Narrowbanding
    • T-Band
    • Rebanding
    • TV White Spaces
    • None
    • Funding
    • Policy
    • Regional Coordination
    • Standards
  • Organizations
    • Back
    • Organizations
    • AASHTO
    • APCO
    • DHS
    • DMR Association
    • ETA
    • EWA
    • FCC
    • IWCE
    • NASEMSO
    • NATE
    • NXDN Forum
    • NENA
    • NIST/PSCR
    • NPSTC
    • NTIA/FirstNet
    • P25 TIG
    • TETRA + CCA
    • UTC
Urgent Communications
  • NEWSLETTER
  • Home
  • News
  • Multimedia
    • Back
    • Video
    • Podcasts
    • Omdia Crit Comms Circle Podcast
    • Galleries
    • IWCE’s Video Showcase
  • Commentary
    • Back
    • All Things IWCE
    • Urgent Matters
    • View From The Top
    • Legal Matters
  • Resources
    • Back
    • Webinars
    • White Papers
    • Reprints & Reuse
    • UC eZines
    • Sponsored content
  • IWCE
    • Back
    • Conference
    • Why Attend
    • Exhibitor Listing
    • Floor Plan
    • Exhibiting Information
    • Join the Event Mailing List
  • About Us
    • Back
    • About Us
    • Contact Us
    • Advertise
    • Terms of Service
    • Privacy Statement
    • Cookies Policy
  • Related Sites
    • Back
    • American City & County
    • IWCE
    • Light Reading
    • IOT World Today
    • TU-Auto
  • newsletter
  • In the field
    • Back
    • Internet of Things
    • Broadband Push-to-X
    • Project 25
    • Public-Safety Broadband/FirstNet
    • Virtual/Augmented Reality
    • Land Mobile Radio
    • Long Term Evolution (LTE)
    • Applications
    • Drones/Robots
    • IoT/Smart X
    • Software
    • Subscriber Devices
    • Video
  • Call Center/Command
    • Back
    • Artificial Intelligence
    • NG911
    • Alerting Systems
    • Analytics
    • Dispatch/Call-taking
    • Incident Command/Situational Awareness
    • Tracking, Monitoring & Control
  • Network Tech
    • Back
    • Cybersecurity
    • Interoperability
    • LMR 100
    • LMR 200
    • Backhaul
    • Deployables
    • Power
    • Tower & Site
    • Wireless Networks
    • Coverage/Interference
    • Security
    • System Design
    • System Installation
    • System Operation
    • Test & Measurement
  • Operations
    • Back
    • Critical Infrastructure
    • Enterprise
    • Federal Government/Military
    • Public Safety
    • State & Local Government
    • Training
  • Regulations
    • Back
    • Narrowbanding
    • T-Band
    • Rebanding
    • TV White Spaces
    • None
    • Funding
    • Policy
    • Regional Coordination
    • Standards
  • Organizations
    • Back
    • AASHTO
    • APCO
    • DHS
    • DMR Association
    • ETA
    • EWA
    • FCC
    • IWCE
    • NASEMSO
    • NATE
    • NXDN Forum
    • NENA
    • NIST/PSCR
    • NPSTC
    • NTIA/FirstNet
    • P25 TIG
    • TETRA + CCA
    • UTC
acc.com

Cybersecurity


News

Florida city says water system hacked, warns critical-infrastructure community

Florida city says water system hacked, warns critical-infrastructure community

  • Written by Donny Jackson
  • 10th February 2021

Critical-infrastructure systems are potential targets for cyberattacks, local Florida officials warned after a hacker last week infiltrated the computer system of a Tampa-area city’s water-treatment plant and made a potentially dangerous change to the lye level in the system that was thwarted by an alert plant operator.

Eric Seidel, mayor of Oldsmar, Fla.—a city with a population of less than 15,000—said the public was never in danger of drinking poisoned water, but he acknowledged the hack to the Oldsmar water-treatment system and emphasized the broader implication of the breach on critical-infrastructure entities.

“The important thing is to put everybody on notice,” Seidel said during a press conference Monday about the incident. “I think that’s really the purpose of today, to make sure that everyone realizes that these kind of bad actors are out there. It’s happening, so really take a hard look at what you have in place.”

Pinellas County Sheriff Bob Gualtieri echoed this sentiment.

“Because of this security breach, we are asking that all governmental entities within the Tampa Bay area with critical-infrastructure components actively review their computer-security protocols and make any updates that are consistent with the most up-to-date practices,” Gualtieri said during the press conference.

Last Friday morning, an operator at the Oldsmar water-treatment plant first noted that someone accessed the plant’s computer system, but the operator was not alarmed, because no changes were made and supervisors often checked the system via a remote-access function, Gualtieri said. But the hacker returned at about 1:30 p.m. later that day and was much more active while in the system for 3-5 minutes, changing the level of sodium hydroxide—commonly known as lye, a primary ingredient in liquid drain cleaners—to dangerous levels.

“The hacker changed the sodium hydroxide [level] from about 100 parts per million to 11,100 parts per million,” Gualtieri said. “This is obviously a significant and potentially dangerous increase.

“After the intruder increased the parts per million from 100 to 11,100, the intruder exited the system, and the plant operator immediately reduced the level back to the appropriate amount of 100. Because the operator noticed the increase and lowered it right away, at no time was there a significant effect on the water being treated. Importantly, the public was never in danger.”

Other local, state and federal agencies were notified and are helping investigate the incident, Gualtieri said. As of Monday, no suspects had been identified. Gualtieri said that officials have not determined a motive or whether the hack originated from inside the U.S.

Gualtieri said that it would have taken 24 to 36 hours before water with the high level of lye could have been distributed to the public. Seidel said that the water-treatment plant system includes safeguards within other levels of the system that would have prevented the dangerous water from being consumed by the public.

“The reality of it is that the redundancies we have in place, they work … That lye would have never made it through the process to someone’s tap,” Seidel said. “The systems are set up to catch it. But everyone should be on notice.”

Oldsmar City Manager Al Braithwaite reiterated the role that multiple alarms in the water-treatment system play in ensuring the public’s safety in this case, but he also acknowledged the concern around cyberattacks—a sentiment that has been echoed by many governments and enterprises throughout the United States.

“I think we’ve anticipated that this was coming,” Braithwaite said during the press conference, although he did not cite any other example of critical-infrastructure systems being hacked.

Braithwaite and Gualtieri both noted that the water-treatment plant has disabled the remote-access capability to the facility’s computer system.

Sivan Tehila, a cybersecurity strategist for the Israel-based cybersecurity firm Perimeter 81, said that the lack of publicly acknowledged instances of critical-infrastructure hacks in the United States does not mean that such incidents do not occur.

“I’m not very surprised that it [the Oldsmar water-treatment hack] happened, and there are many similar cases that we probably are not aware of,” Tehila said during an interview with IWCE’s Urgent Communications. “I assume it happens more often than we actually think.”

The fact that the Oldsmar hack resulted in the intrusion of infrastructure as important as the city’s water supply likely will enhance the growing awareness of cybersecurity for critical infrastructure, Tehila said.

“When it comes closer to our day-to-day life—like water, a subway or things like that—it make us much more worried,” she said. “It’s one thing if someone is getting access to your webcam and can see what you’re doing, but it’s another thing when it comes to human life.”

Tehila applauded the quick actions of the Oldsmar water-treatment operator.

“This operator who immediately recognized that there was something wrong with the [lye] level should get a nice award for that,” Tehila said. “Most analysts who are sitting in behind the screen are so overwhelmed that it is hard to decide what is a false-positive alert and what is an actual alert.

“It’s not only about the technology; it’s about the people—if they are skilled enough, if they are trained, and if they are not too tired … Many times, [enterprises] are investing in technology, but they’re not investing in the analysts or the people who sit behind the screen.”

Tehila, who has helped design security solutions for railway and air-pollution systems during her career, acknowledged the challenges facing critical-infrastructure network administrators, particularly as they try to make remote-access opportunities to employees during the COVID-19 pandemic to promote security and convenience. The age of equipment used in many critical-infrastructure systems can create difficulties when trying to integrate them with modern-day IT networks and access protocols, she said.

“One of the reasons why it is so hard to monitor this environment—because, basically, in order to monitor, you need to connect directly to the controllers of a specific system,” Tehila said. “All of these controllers usually are not advanced, so you really need to find a way to connect them and to monitor them without causing any damage.”

“There is no choice but to monitor these systems, but because of the lack of visibility, it’s really hard to identify real-time potential hacks.”

When combined with high-profile hacking issues associated with SolarWinds network-management software, ransomware at hospitals and other critical-infrastructure systems, the incident at the Oldsmar water-treatment plant could spark renewed awareness—and potentially funding—in cybersecurity efforts, according to Tehila.

“I feel like that, because of SolarWinds, we do see government take cybersecurity more seriously,” she said. “I believe that is going to help other organizations and cities get more budget for cybersecurity.

“It’s never too late. But, on the other hand, it’s never enough. It’s a space race, and that’s how it works.”

Perimeter 81 advocates that its clients use Defense in Depth and the company’s zero-trust model to implement remote-access functionality as part of its “firewall as a service” strategy, Tehila said.

“We are a creating a modern remote-access solution to replace VPNs and other legacy solutions,” Tehila said. “Basically, users can connect from everywhere to any environment. We are cloud-agnostic. Besides that, we also have an option to manage policies for the application level and the network level.”

For enterprises without a significant budget for cybersecurity, Tehila said they still can do a lot to enhance cybersecurity by following basic security guidelines that are publicly available. At some point, regulations should be considered, particularly as Internet of Things (IoT) systems are deployed that add connected devices—some with little or no security—that many fear can be exploited to access sensitive networks.

“Many people don’t like regulation, but I think regulation is a great thing, when it comes to security, because it means that companies, industry, government and organizations have to align with this regulation,” Tehila said. “It just makes us, in general, more secure.

“I hope that maybe the SolarWinds incident, all of these things that happened during COVID—like the hospitals [hit by ransomware—and this case with the water will push the regulators to actually have regulations for IoT.”

Despite the considerable cybersecurity challenges associated with modern networking, returning to an architecture with siloed systems likely is not realistic, Tehila said.

“I don’t think there is an option to go back, honestly,” Tehila said. “I think that these companies will have to deal with a new situation, and we’re just going to need to get used to the fact that we’re living in a different world. We’re going to have better technologies to protect ourselves. There will always be someone who will be able to hack that, but we are going to improve ourselves.

“I don’t see any companies today, in the new reality, that are able to not use the cloud for the specific needs of their organization. Besides that, there is no way to monitor in this environment without connecting to the Internet somehow.”

 

 

Tags: homepage-featured-4 Alerting Systems Applications Critical Infrastructure Cybersecurity Enterprise Federal Government/Military Funding Incident Command/Situational Awareness Internet of Things Interoperability IoT/Smart X News Policy Public Safety Regional Coordination Security Software State & Local Government System Design System Operation Test & Measurement Tracking, Monitoring & Control News

Most Recent


  • Cisco confirms data breach, hacked files leaked
    Cisco has confirmed a breach of its network, where the attacker used voice phishing to convince an employee to accept a malicious multifactor authentication (MFA) push. The breach resulted in cyberattackers gaining access to the company’s virtual private network (VPN) and the theft of an unspecified number of files from its network, the company stated […]
  • Researchers developing health-monitoring e-tattoo
    Stories of people embedding digital devices into their bodies are becoming increasingly common; with these digital implants capable of everything from aiding mobility to paying for products, unlocking doors and storing data. A team of researchers from the Korea Advanced Institute of Science and Technology have taken a similar concept and applied it to the […]
  • Partnership launches no-cost wastewater monitoring service for local governments
    Of all the important lessons cities and counties have learned since the pandemic began, high up on the list is the value of working together. No one community can solve cross-jurisdictional challenges alone—that’s a concept that’s at the heart of a new initiative launched by the National League of Cities (NLC) and WastewaterSCAN that brings no-cost wastewater monitoring […]
  • Verizon Frontline demos connectivity and emergency response to chemical spill drill
    CARY, NC – On a hot and humid morning last week, the Verizon Frontline Response Team gathered in the parking lot outside a local Verizon office building to address a chemical spill emergency. Fortunately, what looked like a jet fuel leak in and around nearby Lake Crabtree from a tanker accident on Interstate 40 was […]

One comment

  1. Avatar GBH 10th February 2021 @ 10:50 pm
    Reply

    First Commandment of Cyber Security: Thou Shalt have no pathway of any kind from the public internet to the control system! Firewalls sell products for IT vendors but do not stop this type of thing or we wouldn’t be having this conversation.

Leave a comment Cancel reply

To leave a comment login with your Urgent Comms account:

Log in with your Urgent Comms account

Or alternatively provide your name, email address below:

Your email address will not be published. Required fields are marked *

Related Content

  • Addressing IoT security challenges from the cloud to the edge
  • Cyber risks explode with move to telehealth services
  • Electric-grid stability assailed by growing challenges
  • Fighting the rapid rise of cyber warfare in a changing world

Commentary


LTE and liability: Why the fire service must move forward with digital incident command

  • 2
6th May 2022

Partnership and collaboration must be the foundation for emergency communications

18th April 2022

FirstNet success means no hypothetical ‘shots’ need to be fired, Swenson says

22nd February 2022
view all

Events


UC Ezines


IWCE 2019 Wrap Up

13th May 2019
view all

Twitter


UrgentComm

Cisco confirms data breach, hacked files leaked dlvr.it/SWV8l9

12th August 2022
UrgentComm

Researchers developing health-monitoring e-tattoo dlvr.it/SWV749

12th August 2022
UrgentComm

Partnership launches no-cost wastewater monitoring service for local governments dlvr.it/SWV5PK

12th August 2022
UrgentComm

Verizon Frontline demos connectivity and emergency response to chemical spill drill dlvr.it/SWV4cg

12th August 2022
UrgentComm

Research claims driverless tech still too easy to trick dlvr.it/SWMDts

10th August 2022
UrgentComm

Coalition expresses urgent need to NG911 funding, wants more than proposed $10 billion dlvr.it/SWL5VW

9th August 2022
UrgentComm

APCO releases NG911 guide, quickly clarifies stance on NENA’s i3 standard dlvr.it/SWKcCY

9th August 2022
UrgentComm

10 malicious code packages slither into PyPI registry dlvr.it/SWKHxl

9th August 2022

Newsletter

Sign up for UrgentComm’s newsletters to receive regular news and information updates about Communications and Technology.

Expert Commentary

Learn from experts about the latest technology in automation, machine-learning, big data and cybersecurity.

Business Media

Find the latest videos and media from the market leaders.

Media Kit and Advertising

Want to reach our digital and print audiences? Learn more here.

DISCOVER MORE FROM INFORMA TECH

  • American City & County
  • IWCE
  • Light Reading
  • IOT World Today
  • Mission Critical Technologies
  • TU-Auto

WORKING WITH US

  • About Us
  • Contact Us
  • Events
  • Careers

FOLLOW Urgent Comms ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookies Policy
  • Terms
Copyright © 2022 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.
This website uses cookies, including third party ones, to allow for analysis of how people use our website in order to improve your experience and our services. By continuing to use our website, you agree to the use of such cookies. Click here for more information on our Cookie Policy and Privacy Policy.
X