![]() One-way unidirectional monitoring devices are recommended to monitor SCADA systems remotely. Restrict all remote connections to SCADA systems, specifically those that allow physical control and manipulation of devices within the SCADA network.Further, all computers shared the same password for remote access and appeared to be connected directly to the Internet without any type of firewall protection installed. All computers used by water plant personnel were connected to the SCADA system and used the 32-bit version of the Windows 7 operating system. The unidentified actors accessed the water treatment plant’s SCADA controls via remote access software, TeamViewer, which was installed on one of several computers the water treatment plant personnel used to conduct system status checks and to respond to alarms or any other issues that arose during the water treatment process. As a result, the water treatment process remained unaffected and continued to operate as normal. Water treatment plant personnel immediately noticed the change in dosing amounts and corrected the issue before the SCADA system’s software detected the manipulation and alarmed due to the unauthorized change. The unidentified actors accessed the SCADA system’s software and altered the amount of sodium hydroxide, a caustic chemical, used as part of the water treatment process. On 5 February 2021, unidentified cyber actors obtained unauthorized access, on two separate occasions, approximately five hours apart, to the supervisory control and data acquisition (SCADA) system used at a local municipality’s water treatment plant. EPA recommends that all water systems implement the mitigation measures listed at the end of this report where applicable. ![]() EPA is providing critical information from this report to the WSCC and GCC for awareness. The FBI, DHS, US Secret Service, and the Pinellas County Sheriff’s Office have issued a joint situational report that concerns the water sector. Here is a more specific description on the events and suggested protective measures. We appreciate your attention to cybersecurity and the recent incident in Florida. Department of Homeland Security (DHS)/Cybersecurity and Infrastructure Security Agency (CISA) at 88 or or through the DHS CISA Incident Reporting SystemĬISA Region 1 at It is also recommended that events be shared with the Water Information Sharing & Analysis Center (WaterISAC) at or 866-H2O-ISAC.Īdditional information about cybersecurity breach in Florida.Federal Bureau of Investigation’s (FBI) 24/7 CyberWatch at 85 or and the Boston FBI Field Office at 85 or.Commonwealth Fusion Center’s Massachusetts Cybersecurity Program (CFC-MCP) at 50.Local police department of jurisdiction.Joining the MA Water/Wastewater Agency Response Network (MA WARN) at:.WaterISAC’s 15 Cybersecurity Fundamentals:.EPA Cybersecurity Best Practices for the Water Sector:.EPA Water Sector Cybersecurity Sector Brief for States:.EPA Incident Action Checklist for Cybersecurity:.CISA Industrial Control Systems Advisories and Reports:. ![]() CISA & NSA Alert on Immediate Actions to Reduce Exposure Across Operational Technologies and Control Systems ():. ![]()
0 Comments
Leave a Reply. |