By now, you've probably heard the theoretically spine-chilling story of how hackers managed to infiltrate the computer systems at a water treatment plant in Oldsmar, Florida and remotely control the chemical levels -- but it turns out that description gives the hackers far, far too much credit.
The reality? The water treatment plant itself left off-the-shelf remote control software on these critical computers -- and apparently never, ever bothered to change the password.
An official cybersecurity advisory about the incident from the state of Massachusetts (via Ars Technica) explains that the SCADA control system was accessed via TeamViewer, the kind of remote desktop application an IT administrator might roll out to remotely troubleshoot computers -- not something you'd generally want hooked up to a critical system. More importantly, and here I will just quote the Massachusetts report verbatim:
Further, all computers shared the same password for remote access and appeared to be connected directly to the Internet without any type of firewall security installed.
Yes, just like Florida's Department of Health, this Florida water treatment plant apparently didn't bother to issue individual passwords for software that could give anyone complete access to any of their computers and their water treatment system.
In other words, any employee could poison the entire town's water supply on a whim from anywhere in the world. Which is probably what happened: former US cybersecurity czar Christopher Krebs testified earlier today that it was "very likely" an insider, possibly a disgruntled employee. Someone who would already have access, which wouldn't make this much of a "hack" at all.
In later remarks, @C_C_Krebs clarifies: "It's possible that this was an insider or a disgruntled employee. It's also possible that it's a foreign actor." ... But "we should not jump to a conclusion that it's a sophisticated" adversary.
-- Ellen Nakashima (@nakashimae) February 10, 2021
It's not like the water treatment plant was even using that software, by the way: Pinellas County Sheriff Bob Gualtieri said the plant had actually stopped using TeamViewer six months ago, according to The Wall Street Journal, but still left it installed.
It should probably go without saying that you shouldn't leave critical public infrastructure easily accessible from anywhere in the world, but the FBI is saying it anyhow, according to ZDNet; the bureau sent out an alert today warning about TeamViewer, bad passwords and Windows 7, which Microsoft no longer supports with security updates but the water treatment plant still had installed.
Sadly, reports at Vice and Cyberscoop suggest that lax security (including TeamViewer specifically) and aging infrastructure are all too common at small public utilities, which may not have the budget, expertise or even the ability to control their own security systems, instead generally farming them out to third parties.
The good news is that a plant operator quickly noticed the intrusion, reversed it, and it seems no one was harmed.