Author's Opinion

The views in this column are those of the author and do not necessarily reflect the views of iTWire.

Have your say and comment below.

Wednesday, 24 February 2021 22:52

Reflections on the recent Florida water 'hack'

Reflections on the recent Florida water 'hack' Image by Mohamed Hassan from Pixabay

This has been something of a beat-up.

Surely everyone has been made aware of the recent 'hacker intrusion' at the Oldsmar, Florida water treatment facility. As some background, this is a small plant that sources water from a bore field and delivers potable water to around 15,000 households (and presumably some businesses as well, based on a cursory inspection on a mapping site).

Here's the basic scenario.

Early on the morning of Friday February 5th, the plant operator was watching the system management screen and noticed the mouse move - it wasn't him. Nothing else happened. Later that morning, they again saw the mouse move, and this time, the cursor was placed in the NaOH (Sodium Hydroxide) field and the one key was pressed twice at the front of the field.

The local Sherriff, Mayor and City Manager held a press conference where they insisted that the act was caught quickly and since the 'pipeline' from adding Sodium Hydroxide to the water to it reaching homes was at least a couple of days, and there were multiple testing points along that path, the public was never in danger.

Having worked in industrial control systems for around 13 years, MUCH of this reads like a beat-up to me.

It has been widely reported that the intruder made use of a TeamViewer client running on the control computer so that plant managers could check the status from outside the building (perhaps from home, who knows). This is stupid! Do they not trust the operators? Further, most SCADA (Supervisory Control And Data Acquisition) systems permit the configuration of read-only clients that will display system status, but cannot accept modifications. If all else fails, point a webcam at the screen and have the managers connect to that!

Having read widely on this topic and been privy to some 'off-the-record' discussions amongst SCADA security experts, here's what I can glean.

It seems that the TeamViewer access details had been posted on a 'compromised credentials' web site only a few days earlier and (I haven't checked but) I expect the site to also appear in the SHODAN database.

In most SCADA-based systems, key variables would be configured with range limits that the system would not be able to exceed. This is entirely normal practice when configuring a SCADA client.

As I see it, the intruder was probably little more than a 'script kiddie' who once gaining access, put the cursor in the NaOH field and bashed the '1' key a couple of times to see if he had read/write access. If he'd pressed 'enter' the change would almost certainly not have been written to the control system.

Note that (as mentioned in the preamble) this treatment plant draws its source water from a bore field, where the chemistry barely changes over a weeks-long timeframe - they could have shut the SCADA system down and allowed the PLCs etc to run with current value for weeks on end with no ill-effect to the quality of the water distributed to residents.

Overall, I'm not hugely bothered by this incident and I rather suspect it has been beaten up into something more than it needed to be to create a salutary lesson to other operators.

Your mileage may vary, of course.

Please join our community here and become a VIP.

Subscribe to ITWIRE UPDATE Newsletter here
JOIN our iTWireTV our YouTube Community here


It's all about Webinars.

Marketing budgets are now focused on Webinars combined with Lead Generation.

If you wish to promote a Webinar we recommend at least a 3 to 4 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site and prominent Newsletter promotion and Promotional News & Editorial. Plus a video interview of the key speaker on iTWire TV which will be used in Promotional Posts on the iTWire Home Page.

Now we are coming out of Lockdown iTWire will be focussed to assisting with your webinatrs and campaigns and assassistance via part payments and extended terms, a Webinar Business Booster Pack and other supportive programs. We can also create your adverts and written content plus coordinate your video interview.

We look forward to discussing your campaign goals with you. Please click the button below.



iTWire TV offers a unique value to the Tech Sector by providing a range of video interviews, news, views and reviews, and also provides the opportunity for vendors to promote your company and your marketing messages.

We work with you to develop the message and conduct the interview or product review in a safe and collaborative way. Unlike other Tech YouTube channels, we create a story around your message and post that on the homepage of ITWire, linking to your message.

In addition, your interview post message can be displayed in up to 7 different post displays on our the site to drive traffic and readers to your video content and downloads. This can be a significant Lead Generation opportunity for your business.

We also provide 3 videos in one recording/sitting if you require so that you have a series of videos to promote to your customers. Your sales team can add your emails to sales collateral and to the footer of their sales and marketing emails.

See the latest in Tech News, Views, Interviews, Reviews, Product Promos and Events. Plus funny videos from our readers and customers.


David Heath

David Heath has had a long and varied career in the IT industry having worked as a Pre-sales Network Engineer (remember Novell NetWare?), General Manager of IT&T for the TV Shopping Network, as a Technical manager in the Biometrics industry, and as a Technical Trainer and Instructional Designer in the industrial control sector. In all aspects, security has been a driving focus. Throughout his career, David has sought to inform and educate people and has done that through his writings and in more formal educational environments.

More in this category: « How 'smart' is my country
Share News tips for the iTWire Journalists? Your tip will be anonymous




Guest Opinion

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News