If you haven't heard on the news earlier today (and in a few publications), a water treatment plant in Florida had its Industrial Control Systems (ICS) hacked, and its water supply temporarily contaminated with lye.
Yes, potentially drinking water...yes, someone hacked a government facility.
Apparently during the incident a hacker gained control of a TeamViewer account that's used for legitimate personnel to go in and conduct routine maintenance from some of the ICS terminals.
The hacker then proceeded to raise the levels of what is commonly known as lye from 100 to 11000 parts per million anything over 10,000 parts per million can cause sickness abdominal pain damage to the stomach and gastrointestinal tract.
The type of TeamViewer account an account that are used for programs to allow uses user to take care of sensitive industrial Control Systems is extremely common this is one of those things that we must be vigilant of and one of those things that we help conduct assessments for to make sure that we keep everything as secure as possible.
These are the attacks that a government, and its contractors should be prepared for through ensuring contractors and other personnel have gone through a good TPRM assessment and compliance remediation.
We tend to specialize in CMMC, NIST CSF, HIPAA, and GDPR, but we work with ICS as well, and have secured many by recommending things like RDP, and other third party access be restricted and have robust controls.
If you are a government agency, local, state, regional, or federal. make sure your contractors, are compliant, and have programs, and controls in place to secure our nation's infrastructure.
As always, stay vigilant, and let us know if you have any questions.
James is the CEO and founder of UNITI Cyber, the premier SMB cybersecurity and compliance consulting firm. His security and intelligence and information security experience allow him to innovate, and bring you the latest in actionable information to protect your organization.