It appears not even H2O is safe from cyber-criminals following a recent attack on a water treatment plant.
According to a news report from International Business Times,
hackers were able to change the levels of chemicals used to treat tap
water during an attack on the plant's outdated IT network. The plant
has been given the fake moniker "Kemuri Water Company" (KWC) due to
the sensitive nature of the breach. The attackers exploited its
web-accessible payments system and used it to access the company's web server.
Security researchers at Verizon Security Solutions
unearthed the attack after KWC asked the company to
look into unauthorized access to its operational technology systems and
unexplainable patterns of valve and duct movements that seemed to be
manipulating hundreds of Programmable Logic Controllers. The firm’s
investigators noticed that the IP addresses of the attackers matched those of
hackers previously linked to other hacktivist campaigns, and it is
believed the criminals may have had motives concerning Syria.
Verizon, which included the incident in this month’s breach report,
said that although the criminals gained access to the personal and
financial records of over 2.5 million customers, the hackers have not
sought to use the details and suggested that they may not have even been
aware that they were affecting water chemical levels at all.
Luckily, KWC was able to reverse the changes before customers were
affected and apparently nobody got ill – but clearly the attack had the
potential for far more serious ramifications.
This is not the only attack on critical infrastructure that we have seen recently, with various Ukrainian power companies and Israel's Electricity Authority falling victim to breaches in the last few months.
“Attacks on critical manufacturing and infrastructures are becoming more common,” Yoni Shohet, Co-Founder & CEO of SCADAfence, told Infosecurity,
citing increasing connectivity between the IT and operational
technology environments as a key factor in the exposure of insecure
networks to new risks.
“For companies these attacks can mean significant loss of revenue,
reputation damage and loss of competitive edge. For customers, in a
worst case scenario situation, these breaches could potentially be
deadly. Imagine if products that we consume every day such as drugs,
food and water are tampered and manipulated by malicious hackers, the
results could be devastating,” he added.
Shohet went on to say that with the use of proper risk management and
monitoring tools, attacks such as the breach on KWC could be avoided, or
at least detected quicker.
“The fact the chemical process was changed and only then the company
was able to detect the breach clearly shows that the company did not
properly monitor the connections between the IT and OT environments and
that they did not monitor the usage of the devices controlling their
mission critical systems.”