A top senator on Wednesday asked for details about the probe into the hacking of a Florida water plant.
Sen. Mark Warner (D-Va.), chairman of the Senate Intelligence Committee, asked officials at the FBI and the Environmental Protection Agency for information on the breach, which sought to alter water chemical levels in the Florida town of Oldsmar to a poisonous extent.
Warner wants to be informed of the progress of the FBI’s probe into the incident and that the Environmental Protection Agency review whether the facility that was hacked in is compliance with the most recent Water and Wastewater Sector-Specific Plan. He also requested confirmation that the U.S. government is sharing timely threat information related to the incident with other water and wastewater facilities.
“This incident has implications beyond the 15,000-person town of Oldsmar. While the Oldsmar water treatment facility incident was detected with sufficient time to mitigate serious risks to the citizens of Oldsmar, and appears to have been identified as the result of a diligent employee monitoring this facility’s operations, future compromises of this nature may not be detected in time,” Warner wrote in a letter to the officials.
“The federal government must ensure we are taking all precautions to keep drinking water safe for Americans. Designated as one of the 16 infrastructure sectors critical to national security under the Presidential Policy Directive 21 (PPD-21), we must protect water facilities from cyber and other compromises,” he added.
Hackers remotely breached the water treatment facility in Florida on Feb. 5. They upped sodium hydroxide levels from 100 parts per million to 11,100 parts per million. Sodium hydroxide is also known as lye.
“This is obviously a significant and potentially dangerous increase,” Pinellas County Sheriff Bob Gualtieri told reporters at a press conference.
A plant operator noticed what was happening and the situation was fixed before it could affect residents.
The Cybersecurity and Infrastructure Agency at the Department of Homeland Security said in an incident summary that the hackers “likely accessed the system by exploiting cybersecurity weaknesses, including poor password security, and an outdated operating system.”
“Early information indicates it is possible that a desktop sharing software, such as TeamViewer, may have been used to gain unauthorized access to the system, although this cannot be confirmed at present date,” the agency said, adding that continuing to use any operating system beyond its end of life status could provide an entry point for cyber criminals.
Experts recommended plants install independent cyber-physical safety systems and update to the latest version of an operating system while utilizing multiple-factor authentication and using strong passwords.