This week’s Risk & Repeat podcast looks at how an unknown threat actor used TeamViewer to manipulate chemical levels in a water treatment facility in Oldsmar, Fla.
This week’s Risk & Repeat podcast discusses the recent cyber attack on a water treatment facility in Oldsmar, Fla., where an unknown threat actor attempted to poison the city’s water supply.
Last week, authorities revealed someone breached the city’s water treatment plant using TeamViewer and attempted to raise the level of sodium hydroxide, also known as lye, in the water to dangerous levels. This week, the FBI issued a private industry notification referencing “poor password security” at the Oldsmar plant that was exploited by the threat actor. A subsequent advisory from the Massachusetts state government revealed that all of the computers running TeamViewer shared the same password for the remote access software. In addition, the advisory said that those computers had no firewall protection and were running Windows 7 (Microsoft support for Windows 7 ended in January 2020).
SearchSecurity editors Rob Wright and Alex Culafi discuss how the attack was detected and thwarted and what lessons can be learned from the incident. They also discuss recent comments about the incident from Christopher Krebs, the former director of the Cybersecurity and Infrastructure Security Agency, who spoke at a House of Representatives Homeland Security Committee meeting this week.