Hackers have broken into a water treatment plant in Florida. They gained access to the internal ICS platform and changed the chemical values of the water. A comment from FireEye.
"The incident illustrates the need for strong IT security in critical infrastructure areas," says Daniel Kapellmann Zafra, Manager of Analysis, Mandiant Threat Intelligence at FireEye, the market leader in intelligence-based security solutions.
However, there was no danger to the population as the water manipulation was quickly recognized by the operator. Even if it hadn't, there would be redundancies (manual quality controls / sampling / testing by registered professional engineers) carried out to ensure water quality and public safety.
Cyber security for critical infrastructure assets
“Since last year, Mandiant Threat Intelligence has been observing an increase in cybercrime among new hackers. They try to access remotely accessible industrial systems and acquire knowledge about them. Many of the victims appear to have been chosen at random. These include owners and operators of small critical infrastructure systems that supply smaller population groups.
From a distance, the hackers could interact with these systems - with limited impact. None of these cases resulted in any danger to people or damage to the infrastructure. Fortunately, industrial processes are often designed and monitored by professional engineers who incorporate security mechanisms to prevent unexpected changes.
Hacker: Interest in industrial control systems
We believe that the increasing interest of such hackers in industrial control systems is due to the increasing availability of tools and data about them. This lowers the barrier to learning about and interacting with these systems.
Even if the current incident does not appear to be particularly complex, it underscores the need to strengthen cybersecurity in the water and wastewater industry - similar to in other critical infrastructure areas. "
More on this at FireEye.de
About Trellix Trellix is a global company redefining the future of cybersecurity. The company's open and native Extended Detection and Response (XDR) platform helps organizations facing today's most advanced threats gain confidence that their operations are protected and resilient. Trellix security experts, along with an extensive partner ecosystem, accelerate technology innovation through machine learning and automation to support over 40.000 business and government customers.