Risk & Repeat: Oldsmar water plant breach raises concerns

Listen to this podcast

This week’s Risk & Repeat podcast looks at how an unknown threat actor used TeamViewer to manipulate chemical levels in a water treatment facility in Oldsmar, Fla.

This week’s Risk & Repeat podcast discusses the recent cyber attack on a water treatment facility in Oldsmar, Fla., where an unknown threat actor attempted to poison the city’s water supply.

Last week, authorities revealed someone breached the city’s water treatment plant using TeamViewer and attempted to raise the level of sodium hydroxide, also known as lye, in the water to dangerous levels. This week, the FBI issued a private industry notification referencing “poor password security” at the Oldsmar plant that was exploited by the threat actor. A subsequent advisory from the Massachusetts state government revealed that all of the computers running TeamViewer shared the same password for the remote access software. In addition, the advisory said that those computers had no firewall protection and were running Windows 7 (Microsoft support for Windows 7 ended in January 2020).

SearchSecurity editors Rob Wright and Alex Culafi discuss how the attack was detected and thwarted and what lessons can be learned from the incident. They also discuss recent comments about the incident from Christopher Krebs, the former director of the Cybersecurity and Infrastructure Security Agency, who spoke at a House of Representatives Homeland Security Committee meeting this week.

Products You May Like

Articles You May Like

HoneyBook raises $155M at $1B+ valuation to help SMBs, freelancers manage their businesses
Cybercriminals Widely Abusing Excel 4.0 Macro to Distribute Malware
Early bird extension gives you more time to save on passes to TC Early Stage 2021: Marketing and Fundraising
A New Slack channel for Cybersecurity Leaders Outside of the Fortune 2000
New Pingback Malware Using ICMP Tunneling to Evade C&C Detection

Leave a Reply

Your email address will not be published. Required fields are marked *