The Idea Of Hacking Into A Water Treatment Plant To Poison The Water Supply For A Whole City Sounds Like Something Out Of A Spy Movie.
Unfortunately, it’s really not that hard to do in many cases. Here is an example…
In early 2021 the FBI released a Private Industry Notification urging private companies, federal and government organizations to review their internal networks and access policies. The warning came after a hacker breached the network for the Oldsmar, Florida water treatment plant. Investigators identified these two widely used products as the main vulnerabilities:
TEAMVIEWER
Using TeamViewer, the hacker connected to the oldsmar network, took control of the operator's computer desktop, and changed the amounts of sodium hydroxide (lye) being added to the water. The reality is that TeamViewer a security nightmare mainly because it is very casually put on many computers as a means to access it remotely because it is easy but often this access is without thinking through the risks or controlling the security . The truth is you should have a conversation with a cyber-security professional before allowing this software to be installed on your computers and this is especially true if you're managing critical or sensitive infrastructure.
WINDOWS 7
Officials also discovered that the water treatment plant was running on Windows 7 which announced its official end-of-life in January of 2020. This means that their Windows 7 OS was unsupported and had not received security updates for over a year. The FBI strongly states that continuing to use this outdated OS is extremely dangerous. We couldn't agree more!
Oldsmar, Florida water treatment plant is just one of many recent cyber-attacks that have made the news lately and the two problem products described above are just the tip of the iceberg of blatant vulnerabilities. The good news is that in most cases a cyber-security professional can expose these attack vectors and fix them rather quickly.
At EDM Automation The Digital Safety Of Your Business Is Our Top Priority.
You can expect the highest caliber solutions from us. We provide cyber-security professionals that can explain the problems and help you with compliance. Our company provides a full security stack that any size company can afford. Additionally, we provide support for our robust security systems by offering:
End-User Training
Your employees are your first line of defense and yet the most vulnerable to a cyber attack. We train your team to identify threats and attacks ahead of time.
Penetration Testing
We proactively perform penetration tests to validate security configurations, identify unknown vulnerabilities and provide recommended corrective actions.
24/7/365 IT Monitoring
Our monthly security subscription provides you 24/7/365 monitoring by industry leading experts, as well as support and patching so that you're never unprotected.
Don’t Become The Victim In The Next Cyber-Attack.
Reach Out To Our Friendly Team Of IT Experts And Let’s Make Sure You Are Protected For Many Years Of Success To Come!
EDM Automation
Delivering trouble-free IT.
Phone: 757-500-5054
Lee Nelson