Expand / Collapse search

Cybersecurity experts say Oldsmar water system attack highlights larger vulnerabilities

By
Published  February 9, 2021 6:21pm EST
Pinellas County
FOX 13 News

Cybersecurity expert reacts to Oldsmar attack

Dan Matics reports

OLDSMAR, Fla. - Cities throughout the Tampa Bay area on alert after a cyberattack into the computer that controls the chemicals in Oldsmar’s water supply. 

Cybersecurity expert Austin Berglas says the attack highlights a problem those in his industry have known for a long time: as more systems are put online, the more they become vulnerable to hacks.

The FBI, secret service and Pinellas County Sheriff’s Office are all investigating after a hacker was able to remotely access the Oldsmar water treatment plant and increase the amount of sodium hydroxide, or lye, in the water to a dangerous level. 

A plant operator quickly realized what was happening and stopped it. Officials say no one was in any danger and the hacker’s actions were stopped before the changes could occur.

Water treatment facility hack raises public utility conerns

Sheriff Bob Gualtieri says someone first hacked the system around 8 a.m. Friday. The plant operator at first didn’t think anything of it at the time because his supervisors use remote access to get into the system all the time.

Berglas, who built and led the FBI’s cyber unit in New York, calls this attack unsophisticated but very alarming. 

"Any attack on critical infrastructure should be held at a higher level because it could have impact not only on the national security of the United States but because it could harm humans," Berglas said.

The Oldsmar Water Department has stopped using a program called Team Viewer, which allowed supervisors to remote access to the water management computer system.

Berglas says it looks like a username and password were stolen through phishing or possibly social engineering.

"Oftentimes, those credentials can be stolen and sold on the dark web to be used by other actors," Berglas explained.

Officials in Clearwater and St. Pete would not talk about the operations of their infrastructure but would only say they are aware of their situation. 

The city of Tampa says it does use remote access at its water treatment plant, but officials are confident in their layers of security.

"When we hear of an event like we did in Oldsmar, we contact all of our water departments to make sure we aren’t experiencing anything similar. We do take events like this seriously," said Chuck Weber, Tampa water department director.

Oldsmar’s operation is significantly smaller than Tampa or St. Pete. Security experts say it’s too early to know if that’s why the city was targeted and by whom. 

"We have seen groups and organizations target small and unprotected infrastructure as a testing ground for a larger attack. That could be one possibility. It could be happenstance where the hacker didn’t really understand what they were getting into," Berglas said.

Even if the operator at the Oldsmar water treatment plant hadn’t noticed the hack, officials say there are other safeguards to prevent the PH level of the water from changing.