Water Treatment Plant Cyber attacks

For a resource that is critical to all life on Earth, its treatment, composition and supply must be closely monitored to prevent harm. This also makes it a prime target to critically affect countries. Cyber-attacks are not a new threat, but they have become prevalent in recent years. Numerous attacks have been made on water systems worldwide and have forced a lot of people to be aware of this danger because public health is connected to systems that have cyber security vulnerabilities.

The most recent attack occurred in a water treatment plant in Oldsmar, Florida on the 5th of May 2021. A hacker gained entry to the plant’s operator station through an exposed TeamViewer application. The operator noticed his cursor moving on the screen but not before the hacker increased the levels of Sodium Hydroxide in process.  The attempt was thwarted by the operator who was able to reverse the change to the settings, before the toxic levels of the chemical reached the water

This incident is not isolated and has occurred in various forms through the years:

  • 2013 – Bowman Avenue Dam was hacked by members of Iran’s Islamic Revolutionary Guards Corps through a cellular modem and prevented water from being released
  • 2016 – Hacker group gained access to SCADA systems at an unnamed treatment plant where they changed the levels of chemicals used and accessed sensitive customer information
  • 2019 – Post Rock Water District was hacked by a former employee who remotely gained access and shut down the cleaning and disinfecting procedures

Cyber-attacks are now the new modern warfare and companies can no longer afford to be careless with the protection of the plant through cyber means