Cyberattacks targeting water treatment plants put consumers’ health at risk

In early 2021 it was reported that a malicious hacker managed to gain access to the computer systems of a water treatment plant in California, USA, arbitrarily removing some of the programs used for its daily tasks. The cybercriminal allegedly accessed a staff member’s TeamViewer account, according to the California Regional Intelligence Center.

The report also mentions that the attacker behind this incident managed to log into the system, removing several programs used to treat the water automatically.

Investigators said no malfunctions in the plant’s operation were detected as part of this incident. However, an additional report from NBC mentions that hackers tried to poison the water by altering the amount of chemical components used for cleaning it. Intelligence Center Director Michael Sena denied this claim, but this version continued to circulate.

Just weeks after this incident, it was confirmed that a threat actor managed to infiltrate the systems of a water treatment plant in Oldsmar, Florida, deploying an attack similar to the one detected in California. Oldsmar County Sheriff Bob Gualtieri mentioned that this attack was also made possible by compromising a TeamViewer account.

“On the morning of the attack we detected that someone remotely accessed our systems that control the chemicals in the plant, although in reality no importance was given to the incident. A few hours later, we confirmed that this unusual activity was a cyberattack.”

“The hacker apparently changed sodium hydroxide from approximately 100 parts per million to 11,100 parts per million, a significant and potentially dangerous increase for end consumers,” the report states. The plant’s security teams noted that hackers had made arbitrary changes to the plant’s processes, although these changes were canceled before they could cause harm to consumers.

This appears to be an upward trend, although it is expected that organizations have already taken some security measures to prevent further attacks.