CYBERSECURITY LESSONS: WHAT WE LEARNED FROM THE OLDSMAR WATER PLANT HACK
Cyber attacks on small municipal systems and infrastructure have been increasing in the past year. This is a serious concern because it involves the lives of the people these public systems serve. Earlier this year, cyber attackers accessed a water treatment plant in Oldsmar, Florida, and the warnings went unseen. Since then, local and national authorities' perception of the dangers of cyber attacks has changed and evolved, with the aim of preventing such attacks on municipal systems from happening again.
WHAT HAPPENED DURING THE CYBER ATTACK?
The cyber attack was quick and lasted three to five minutes. During this period, the sodium hydroxide content of the water supplied to the town of Oldsmar, Florida, which has a population of about 15,000, changed from 100 parts per million to 11,100 parts per million. It took about five-and-a-half hours for employees of the water plant to notice the drastic change, longer than the attack itself took.
This kind of attack is very dangerous because it affects the lives of real people within the vicinity of the municipal system. According to the Centers for Disease Control, ingesting large amounts of sodium hydroxide can lead to vomiting, chest and abdominal pains, skin burns and hair loss.
The Oldsmar water plant was a ripe target for cyber attackers and the hacking was imminent. It is the kind of utility infrastructure that security experts have to worry about: it is located in a small, low-budget community and set up with remote access, and external contractors work on the systems alongside the small staff that manages it. The cyber attack on the Oldsmar water plant is an example of intrusion into critical infrastructure at a level that endangers the lives of residents. If this can happen in a small town in Florida, it can happen in other small towns in the US and around the world that have no cyber security protection in place and no regulation or law protecting them (read our previous article on the latest law from the US enacted by Biden to protect infrastructures from cyber attacks).
HOW TO PREVENT FUTURE CYBER ATTACKS ON MUNICIPAL SYSTEMS AND INFRASTRUCTURES
The main lesson we learned from the cyber attack on the Oldsmar water plant is that it is not only large industrial and manufacturing systems that get hacked for big ransoms. Small municipal and public systems are a prime target for hackers, who can demand more money from local governments and municipalities as they wreak havoc on systems and affect the health and lives of people. We should therefore focus more on securing our municipal systems and infrastructure from cyber attacks, to prevent a catastrophic effect on the population and its health.
One preventive and effective measure that can protect municipal systems from cyber attacks is to implement the necessary ICS/OT cyber security solutions. Depending on the size and location of the municipal system, these measures can include:
- Start collecting a complete inventory of hardware and software.
- Create a solid industrial network and architecture design.
- Do an ICS asset inventory.
- Create ICS network and data flow diagrams to show undocumented connections to external contractors or staff working remotely.
- Have ICS remote access to connect to the system from anywhere in the world, especially for municipal systems in small, remotely located villages.
- Have an ICS firewall to segment networks and prevent unauthorized access.
- Change management policies, procedures and passwords every week if possible and do patch management, backup and restore for systems daily.
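
The inventory, data flow diagram and firewall items above can be checked against each other: any connection into the ICS network that the diagram does not list is an undocumented connection. The following is an added example, not ATS code; the zones, addresses, ports, log format and log lines are all constructed for illustration.

```python
import ipaddress

# Constructed asset inventory: network zones of a hypothetical small plant.
ZONES = {
    "ics": ipaddress.ip_network("10.10.0.0/24"),       # PLCs, HMI, SCADA server
    "business": ipaddress.ip_network("10.20.0.0/24"),  # office workstations
}

# Constructed data flow diagram: (source zone, destination IP, destination port).
DOCUMENTED_FLOWS = {
    ("ics", "10.10.0.5", 502),        # HMI -> PLC, Modbus/TCP
    ("business", "10.10.0.20", 443),  # office -> historian web UI
}

# Constructed firewall log lines: "timestamp src_ip dst_ip dst_port".
SAMPLE_LOG = """\
2021-01-01T08:00:01 10.10.0.10 10.10.0.5 502
2021-01-01T08:02:17 10.20.0.31 10.10.0.20 443
2021-01-01T08:05:44 203.0.113.7 10.10.0.10 5900
2021-01-01T08:06:02 10.20.0.31 10.10.0.5 502
not a log line
"""

def zone_of(ip):
    """Map an IP address to an inventory zone; unknown addresses are external."""
    addr = ipaddress.ip_address(ip)  # raises ValueError on malformed input
    for name, net in ZONES.items():
        if addr in net:
            return name
    return "external"

def undocumented_flows(log_text):
    """Return flows into the ICS zone that the data flow diagram does not list."""
    findings = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue
        ts, src, dst, port = parts
        try:
            src_zone, dst_zone, port = zone_of(src), zone_of(dst), int(port)
        except ValueError:
            continue  # skip lines that are not valid flow records
        if dst_zone == "ics" and (src_zone, dst, port) not in DOCUMENTED_FLOWS:
            findings.append((ts, src_zone, src, dst, port))
    return findings

if __name__ == "__main__":
    for finding in undocumented_flows(SAMPLE_LOG):
        print("UNDOCUMENTED flow into ICS:", *finding)
```

Each finding is either a gap in the diagram to document or a connection the ICS firewall should block.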
ATS has all these solutions and has provided protection and security to many systems and critical infrastructures for over 20 years. The attack on the Oldsmar water plant would have been prevented if one or all of the solutions we mentioned had been applied, together with continued training and education of staff and external contractors on cyber security protocols. ATS is able to provide the necessary training as needed and to aid in preventing dangerous attacks on municipal systems and infrastructures, to avert catastrophic consequences and save lives.