Last week, the city of Oldsmar, Florida experienced a cyberattack on its water system. This attack created a potentially significant health and safety risk to the entire population served by the water company. A malicious attacker remotely accessed the controls for the treatment of the water, adding significant amounts of a harmful substance to the water. The attacker remains unnamed and likely unknown.
While it is good news that the employees noticed the attack, it never should have happened in the first place. For over a decade, all guidance has been recommended against internet connectivity for Industrial Control Systems. This attack, which passed through firewalls and leveraged existing plant tools in the same way that employees would use them, is reminiscent of attacks from long ago.
The time is now to protect our critical infrastructure with the most appropriate technology. Waterfall Security Solutions Unidirectional Gateways are today’s simple, modern, enterprise-grade protection for ICS – proven in Israel and practically everywhere. With hardware-enforced one-way server replication, no network attack from an external network – regardless of how sophisticated – can get in.
Please reach out to me if you would like to hear more about how you can prevent attacks like this from impacting your systems.
*Mike Firstenberg worked in the water industry for 13 years and served as chair of the American Water SCADA Council for 5 years.
- Cyberattack on water system in Florida: Design failure enables hack - February 9, 2021
- 8 Common OT/Industrial Firewall Mistakes (Infographic) - May 12, 2020
- The Black Hat Wakeup Call – wait for a disaster or listen to the pros? - January 10, 2018