Tech

A hacker tried to poison the water supply in Florida

The attacker dramatically increased sodium hydroxide levels in the water before an operator spotted the change and reversed it.

Abstract minimal vector black and white poster template with glitched generative art geometric compo...
Shutterstock

In a terrifying series of events, a civil servant in the city of Oldsmar, Florida managed to save the entire population from mass poisoning. Officials from Pinellas County say a hacker remotely accessed a computer that controls the city's water treatment system, dramatically increasing the amount of sodium hydroxide in the water supply before an operator noticed and stopped it.

Poisoning attack — "The hacker changed the sodium hydroxide from about one hundred parts per million, to 11,100 parts per million," said Pinellas County Sheriff, Bob Gualtieri, adding that these were "dangerous" levels. In smaller quantities, sodium hydroxide can cause severe skin burns and eye damage.

According to Gualtieri, the hacker managed to gain remote access to the city's water treatment systems using TeamViewer. A common piece of software for remotely controlling computers, Oldsmar's facility had TeamViewer installed so that authorized users could troubleshoot problems from other locations.

Apparently, a plant operator first noticed someone remotely accessing the city's treatment system at 8 a.m. last Friday, and when it happened again later that day, the person accessing the system throttled up the sodium hydroxide levels before disappearing. Because the operator was watching they were able to immediately reduce the levels back to normal and shut off remote access.

It's unclear what the motivation behind the hack might have been. Gualtieri says the County Sheriff's Office has started a criminal investigation along with the FBI.

Critical infrastructure — The situation is an example of the real danger of cyberattacks being taken out on critical infrastructure, something that experts have warned about for years as more systems become connected to a grid.

Cyberattacks are nothing new, as seen recently when the Department of Defense announced a major breach of government systems across multiple agencies. But hackers are rarely so brazen as to directly attack public safety, instead using cyberattacks largely as means to steal information or extort money — or as an intimidation tactic, as was in the case of North Korea's Sony Pictures hack.

The closest comparable example to this latest hack was a 2015 attack on Ukraine's power grid that left more than 230,000 people in the dark after attackers similarly gained remote access to a power grid there. There was also the infamous WannaCry cyberattack in 2017 when ransomware crippled computer systems around the world, affecting some hospital networks.

Countries like Russia and North Korea have expanded their electronic warfare capabilities in recent years as cyberwarfare offers a way to bulk up their militaries outside of traditional weapons. For North Korea, cyber-attacks have also provided a much-needed source of income: the country is believed to have stolen billions of dollars worth of cryptocurrency over the years, the proceeds of which it has used to fund weapons programs.