- Water plant employees used same teamviewer software#
- Water plant employees used same teamviewer password#
In this specific case, the malware recorded “normal” plant operations then played these recordings back to monitoring systems during physical attack sequences to mask events from plant operators. “The critical item enabling Stuxnet’s success was the malware’s ability to induce a general loss or denial of view condition in the victim environment. The 2009 Stuxnet attack on Iran’s centrifuges at a nuclear enrichment plant. While crafting a conclusion, Slowik looked at four well-known cyberattacks on ICS systems: A plant worker noticed the manipulation of the sodium hydroxide on his screen and when the attacker returned the level to its proper point.
Water plant employees used same teamviewer password#
News reports say the access password was shared among a number of employees.
Water plant employees used same teamviewer software#
“Although the incident resulted in neither significant disruption nor outright damage, the simple fact that some unknown entity attempted the above action is deeply concerning, reflecting either callousness given the potential harm, or ignorance as to what the attempted change might have produced in the serviced population,” he added.Īccording to statements from the city and news reports, someone accessed the water plant management system through the remote access software TeamViewer and boosted the amount of sodium hydroxide (lye) in the water treatment system. The modification to sodium hydroxide levels was so extreme as to almost certainly trigger engineering or other non-ICS (industrial control system) controls or alarms within the environment.The intruder did not attempt to hide or mask their activity through interaction with or overwrite of HMI (human-machine interface) systems or spoofing of sensor data.Events took place during normal operational hours where personnel were on-hand and available to quickly respond.Slowik came to his conclusion by considering three facts: It was just one of several analyses of the scary incident that the City of Oldsmar publicized on Monday. The attack “was either immature, rushed, or potentially unintentional,” Joe Slowik wrote in an analysis on Thursday. The person who broke into a Florida water treatment plant and increased the concentration of a chemical likely wasn’t an experienced attacker, argues a senior security researcher with Domain Tools. Artificial Intelligence (792) Auto Tech (31) Blockchain (148) CanadianCIO (81) Careers & Education (4409) Channel Strategy (22) Cloud (1983) Communications & Telecom (325) Companies (616) Data & Analytics (1243) Development (628) Digital Transformation (1137) Distribution (122) Diversity & Inclusion (38) Ecommerce (80) Emerging Tech (24123) End User Hardware (26) Engineering (79) Financial (98) FinTech (78) Future of Work (307) Governance (92) Government & Public Sector (5974) Human Resources (799) Infrastructure (8487) IoT (6164) ITWC Morning Briefing (105) Leadership (4251) Legal (100) Legislation (117) Managed Services & Outsourcing (4302) Marketing (52) MarTech (3) Medical (18) Mobility (3415) Not For Profit (12) Open Source (22) Operations (66) People (93) Podcasts (1885) Privacy (569) Project Management (1099) Security (7434) Service (37) Smart Home (15) SMB (46) smb-leadership (1) Social Networks (137) Software (4120) Supply Chain (107) Sustainability (67) Tech in Sports (4) Women in Tech (167)