Hacker Breached Florida Treatment Plant to Poison the Water Supply

A hacker remotely accessed a water treatment plant in Florida and tried to poison the water supply, according to local police. 

The intrusion occurred at a water treatment plant in Oldsmar, Florida, which is home to about 15,000 people, according to Pinellas County Sheriff Bob Gualtieri. Last Friday, an operator at the facility noticed some suspicious activity: an unknown user had remotely gained access to a computer system that controls chemical processes at the plant.

The mysterious culprit spent three to five minutes accessing various functions on the computer, including one that controls how much sodium hydroxide, also known as lye, is added to the water. 

“The hacker changed the sodium hydroxide from about one hundred parts per million to 11,100 parts per million,” according to Gualtieri, who noted that sodium hydroxide is a main ingredient in liquid drain cleaners. Indeed, the CDC lists it as a highly corrosive substance.

“So this is somebody who is trying—it appears on the surface—to do something bad,” he added. “This isn’t just we’re putting in a little bit of chlorine or fluoride here.”

The hacker then exited the system. Fortunately, the plant operator subsequently returned the sodium hydroxide levels to normal. In addition, the plant itself had “redundancies in place,” such as pH monitoring, ensuring the tainted water would have never reached the main pipelines without detection, according to city officials. 

As a result, local citizens were never in real danger. Nevertheless, the intrusion is raising alarm bells. On Monday, the sheriff’s office and city officials held a press briefing on the hack to warn other neighboring municipalities to be on guard against cyberattacks on industrial systems. 

According to the county’s sheriff, the hacker gained access via an unnamed remote software program that allows employees to troubleshoot IT problems. The same program also includes some screen-monitoring capabilities. As a result, the operator who first noticed the intrusion initially suspected the remote access belonged to another worker. 

It’s unclear who the hacker was, and whether the intrusion was launched from a computer in the US or abroad. However, Gualtieri said he’s investigating the matter with the help of the FBI and the US Secret Service. 

In the press briefing, the city of Oldsmar didn’t directly address why the water treatment’s plant computers needed to be connected to the internet. But city officials say they’ve disabled the remote software program that was exploited to carry out the hack. They’re also considering upgrades to prevent another breach from occurring.