The idea of hacking into a water treatment plant to poison the water supply for a whole city sounds like something out of a James Bond movie.
Unfortunately, that kind of nefarious tech scheme isn’t as sophisticated as it may sound.
In early February the FBI released a Private Industry Notification urging private companies, federal and government organizations to review their internal networks and access policies. The warning came after a hacker breached the network for the Oldsmar, Florida water treatment plant. Investigators identified the following weak links:
TEAMVIEWER
Using TeamViewer, the hacker connected to the oldsmar network, took control of the operator’s computer desktop, and changed the amounts of sodium hydroxide (lye) being added to the water. Though the action was immediately reversed, it sparked heated backlash from security professionals, many of whom deem TeamViewer a security nightmare. This may not be the platform to use if you’re managing critical or sensitive infrastructure- especially remote.
WINDOWS 7
Officials also discovered that the water treatment plant was running on Windows 7 which announced its official end-of-life in January of 2020. This means that their Windows 7 OS was unsupported and had not received security updates for over a year. The FBI strongly states that continuing to use this outdated OS is extremely dangerous. We couldn’t agree more.
Ready To Consider Partnering With A Managed Services Provider?
We Welcome The Opportunity To Lock Arms With You.
At IT Authorities the digital safety of your business is our top priority.
You can expect proactive cybersecurity updates to your digital infrastructure from us. Additionally, we provide support for robust security systems by offering:
End-User Training
Your employees are your first line of defense and yet the most vulnerable to a cyber attack. We train your team to identify threats and attacks ahead of time.
Penetration Testing
We proactively perform penetration tests to validate security configurations, identify unknown vulnerabilities and provide recommended corrective actions.
24/7/365 IT Monitoring
Our monthly security subscription provides you 24/7/365 monitoring by industry leading experts, as well as support and patching so that you’re never unprotected.