- The Washington Times - Thursday, February 11, 2021

The federal government warned Thursday that the breach of a Florida town’s water treatment plant’s security likely resulted from poor password security and the use of an outdated operating system. 

A hacker breached a water treatment plant in Oldsmar, Florida, on Friday in an attempt to change the toxicity of drinking water that was foiled by a plant operator, according to local officials.

The hacker aimed to change the water’s level of sodium hydroxide, which is also known as the liquid drain ingredient lye, from 100 parts per million to 11,100 parts per million. 

“Unidentified cyber actors” are responsible for the intrusion at the water plant, according to a Thursday evening statement from the FBI, Cybersecurity and Infrastructure Security Agency, the Environmental Protection Agency, and the Multi-State Information Sharing and Analysis Center.

The agencies said early information suggests that desktop sharing software, such as TeamViewer, may have been leveraged by the bad actors.



“Desktop sharing software, which has multiple legitimate uses—such as enabling telework, remote technical support, and file transfers—can also be exploited through malicious actors use of social engineering tactics and other illicit measures,” said the agencies in a statement.

“Windows 7 will become more susceptible to exploitation due to lack of security updates and the discovery of new vulnerabilities. Microsoft and other industry professionals strongly recommend upgrading computer systems to an actively supported operating system.”

The agencies noted that Microsoft ended support for Windows 7 in January 2020 and urged users to update to the latest version of the operating system, namely Windows 10. Stronger passwords and multi-factor authentication are cyber hygiene tools that the agencies also recommend for avoiding falling victim to similar attacks.   

Sign up for Daily Newsletters

Manage Newsletters

Copyright © 2021 The Washington Times, LLC. Click here for reprint permission.

Please read our comment policy before commenting.

 

Click to Read More and View Comments

Click to Hide