> "But at about 1:30 p.m. the same day, Gualtieri said, someone accessed the system again. This time, he said, the operator watched as someone took control of the mouse, directed it to the software that controls water treatment, worked inside it for three to five minutes and increased the amount of sodium hydroxide from 100 parts per million to 11,100 parts per million."
Who wants to bet this might have been as simple as improper usage/implementation of TeamViewer gone wrong?
When dealing with persons/organizations who are not focused on infosec/netsec issues, given the opportunity and ability to do so, never underestimate the workarounds and kludges that people will install to "make their job easier", such as putting TeamViewer on control system PCs running water systems.
Jibes with my experiences working in consulting and on the vendor side of things, honestly. Systems that don't have any practical need for air gaps always seem to be air-gapped, and systems that probably should be air-gapped often aren't.
Well, the Super Bowl was being played that weekend a few miles away on Sunday and so there was a large amount of media and visitors in town for the game (also heavy national coverage). Glad they reverted it as who knows what would have happened if left unchecked.
I can imagine that especially during COVID, there might have been some substantial convenience to having TeamViewer on that computer system. Not justifying its presence, but I do think this is a failure of IT not finding a way to make access to the system both secure and convenient.
The implications of such a thing could have been terrifying and tragic. Goes to show that you should never be overconfident about or underestimate the security of your computer systems. Especially if you are a critical government agency. I hope they've learned their lesson about having a cybersecurity plan and system backups in place, instead of hubris. They avoided the consequences this time, but next time it could be too late.