Law enforcement and local authorities in Oldsmar, Florida, reported that on February 5, 2021, an unknown hacker gained access to the city’s wastewater treatment plant and changed the chemical composition of the water.
The attacker logged in twice – at 8:00 and 13:30 the same day, initially gaining access to TeamViewer on the computer of one of the employees, and then to other systems.
The second intrusion lasted for about five minutes and was noticed by an operator who watched as the unknown person moved the mouse cursor across the screen and launched the software responsible for water purification.
As a result of these manipulations, the attacker successfully increased the level of sodium hydroxide (NaOH) to dangerous levels, and then logged out.
Fortunately, the dangerous water was not supplied to the local residents, as the attack was noticed on time, and as soon as the hacker disconnected, the operator immediately returned all the values of the chemicals to normal.
Oldsmar Mayor Erik Seidel stressed that the city’s water treatment system is set up with redundancy and would sound an alarm anyway if the levels of chemicals reached dangerous levels.
So far, officials have not linked this attack to any particular hacker group or organization.
It should be noted that this is not the first incident of this kind. Back in 2016, it became known that the water treatment facilities of an unnamed company had been hacked in a similar way, although then the hacker clearly did not understand where he entered and what he was doing. Additionally, in 2020, a series of similar attacks hit Israeli water systems, but then the attackers did not succeed in hacking attempts.
Let me also remind you that cybercriminals can hack our reality and provoke the end of the world, as for example in this post: Apocalypse Now: experts presented a new type of cyber-biological attack.