On February 5, 2021, the water treatment plant in Oldsmar, Florida, a town of 15,000 located just west of Tampa, experienced a cybersecurity breach. The Florida hack brought cybersecurity to the National forefront. The government and news media took the breach seriously and the repercussions rippled throughout the other 52,000 water treatment plants in the United States.
How did this attack happen and what does it mean for your business? There’s a lot we can learn from both the attack itself and how the Oldsmar plant responded. As cyberattacks become more prevalent, studying and preparing becomes more crucial for cyber-targets of all kinds. Don’t think your business could be a target? No one does until it happens to them.
What Happened in Florida?
While on duty, an Oldsmar water plant operator saw his computer mouse begin to move on its own. He watched in confusion and then horror as the phantom user opened the software that controlled the water treatment process and raised the level of sodium hydroxide in the water 100 times. The hack was short and swift and the attacker was gone within minutes.
Luckily, the Florida water treatment operator was able to quickly regain control and reverse the hacker's actions. The operator immediately restored the sodium hydroxide levels to normal, sparring thousands of citizens from potential poisoning or death. Even if the operator had not noticed or reversed the attack, the Oldsmar plant had built-in safeguards to prevent the tainted water from ever being released.
After the attack was reported, authorities across multiple agencies took a hard look at cybersecurity vulnerabilities in utilities and government offices. The citizens of Oldsmar were fortunate that safeguards prevented catastrophe but it exposed the inherent risks of network automation and remote work across the public and private sectors.
3 Lessons from the Florida Water Treatment Hack
A breach like the one that occurred in Oldsmar could happen in your workplace too. It takes a persistent hacker and one tiny opening to exploit vulnerabilities in your systems. How can you prevent this from happening?
Let’s look at the lessons learned:
1. Everyone is Vulnerable to Cyber Attack
No one saw the Florida water supply hack coming. It was uncertain who was behind it or what motivated the attack. There were no warning signs and no clear motives.
A CNN report highlighted how remote work has led to increased cyberattacks. The water treatment plant in Oldsmar had been using software to remotely monitor the plant but didn’t have strong security measures in place. The hacker was able to exploit the older software and limited password protection Oldsmar was using.
During the pandemic, remote work became the norm. Today it continues to be a favored practice among many employees. As an employer, it’s your job to ensure your systems are secure no matter where your staff logs in from. If you’re operating on a less-than-secure network or you haven’t trained your staff on proper password authentication, you leave yourself vulnerable to an attack similar to what happened in Oldsmar.
2. Employee Response Matters
Your network is only as strong as its weakest link. Your employees are your first line of defense against phishing attacks, malware and identity theft. It only takes one accidental email or suspicious link to set off an attack on your business. Do your employees know what to look out for?
In the case of the Florida water plant hack, the employee recognized something wrong because he witnessed it in realtime. Your employees may not observe their computers being hijacked but they will very likely be targets for other types of cybercrime. By training your staff what to look for and how to respond to and report any suspicious activity online, you can significantly reduce the risk of damage to your company.
3. Safeguards and Backups are Critical
Oldsmar’s water plant had a backup system. Does your company? The sodium hydroxide that the water treatment plant uses to control the water’s acidity and remove metals is a highly toxic compound. In small doses it’s harmless but at higher concentrations, it can cause burns, vomiting, intense pain and bleeding. The system that controls these chemical levels in Oldsmar, Florida has a safeguard to prevent releasing unsafe water into the public supply. It’s a critical safeguard that allowed them to safely recover after their attack.
A breach in your system probably won’t cause physical harm to anyone but it could cost you in lost business, missing data and even ransom. Not only do you need to protect your networks, you need to have a backup plan in the event an attack gets through. A good safeguard involves multiple preventative measures backed up with a recovery plan that returns daily functions to normal and restores lost data.
It’s not enough to simply change your passwords regularly. You need to close patches, update firewalls, and monitor your systems 24/7. If an attack does occur, you should have your data backed up in a protected bubble separate from daily operations. Have a recovery plan in place that allows you to restore operations quickly with minimal damage and data loss.
Don’t Let a Cyberattack Damage Your Business
Cybersecurity is an increasingly complex necessity for all businesses. The attack on Oldsmar demonstrated how every business is a target and must remain one step ahead of attackers at all times.
Thriveon is proud to be a premier cybersecurity company for Florida businesses. Our team takes a holistic approach to cybersecurity issues for all of our clients. We’re more than a help desk, we’re your main line of defense against cyberattacks of all kinds. If you’re a Florida business leader worried about network vulnerabilities like those exposed in Oldsmar, schedule a consultationwith an industry expert today. Don’t let your business become a target for cyberattack.