What a would-be mass poisoning in Florida says about U.S. cyber risk

The would-be mass poisoning that a small town in Florida dodged last week is a chilling reminder that cybersecurity — often conceived in the popular imagination as purely an abstract province of ones and zeroes — can be a matter of life or death.Why it matters: The fact that attackers were (if only briefly) able to access the control system for a municipal water supply should be a wake-up call for U.S. officials regarding the digital insecurity of many key pieces of infrastructure.Driving the news: Hackers used TeamViewer, a remote-access software program, to tamper with a water-treatment facility in Oldsmar, Florida, a town of roughly 15,000 people outside Tampa, officials said Monday.They briefly gained access to system controls for the plant and tried to massively raise the levels of lye in the water supply from 100 parts per million to more than 11,000. (Lye, commonly used to treat drinking water, is nontoxic when diluted but poisonous at higher concentrations.)Plant operators quickly discovered the tampering attempt, prevented the alteration of lye levels, and shut out the hackers from their systems.What they’re saying: “At no time was there a significant adverse effect on the water being treated,” said Bob Gualtieri, Pinellas County sheriff. “Importantly, the public was never in danger.”Yes, but: The incident still underscores the potential for enormous damage that lies dormant within many pieces of internet-connected infrastructure in the country.It's a real concern, particularly as more critical infrastructure comes online and more international crime and nation-state conflict moves into the cyber realm.In this case, while the FBI and Secret Service are investigating the breach, we don't know if the incident was an attempted terrorist attack, unsophisticated but malicious nation-state activity, or “merely” the work of a deranged individual.There is a chasm between a serious operation to poison an entire town’s water supply as an act of either state-sponsored sabotage or non-state terrorism and a half-baked, foolish — if malign and potentially deadly — gambit by some group of individuals who may not have even fully conceived of the seriousness of their actions.The continuum is broad, and we don’t know precisely where this event fits yet.Of note: The “noisy” and haphazard nature of the hackers' work and the ease with which they got in — a worrying data point on its own — seem to point to something less than a well-thought-out operation conducted by a determined, top-tier nation-state adversary, say experts.While incidents like Oldsmar “are concerning given adversary brazenness ... they also are incredibly unsophisticated in nature — representing a burglar opening an unlocked door more than a thief penetrating a well-resourced security system,” writes Joe Slowik, a senior threat researcher at DomainTools. Slowik suggested the incident may more than anything else echo a series of seemingly simplistic breaches by hackers of water infrastructure in Israel last year, “where insecure systems were remotely accessible and entities simply took advantage of circumstances.”The catch: Crude as the operation may have been, the hackers appeared to be trying to sicken or even kill Oldsmar residents — a rare instance of a known cyberattack targeting an industrial control system within the U.S. where the aim of the operation seemed to be lethal in intent.

Comments

Tech news

Comments

Tech news

Why time speeds up as you get older

Trio of channel changes coming to Sky and Virgin TV boxes next week following spate of closures – see full list

Inside world’s biggest private jet ‘Flying Mansion’ – the ultra posh Boeing 747 with gold staircase and full bathroom

This man has been bitten by snakes 200 times – now his blood could save lives

Wedding Planning Via Generative AI

Your Samsung phone is getting this free update - four things I love, two I hate

New Wi-Fi warning issued to UK homes as millions told to ignore viral trend

Forget Spotify - the cassette player is back and far better than you remember

Five TV settings you should fix to instantly boost picture – even if you’re using a Roku or Fire Stick

Sky confirms urgent broadband alert - check your Wi-Fi or you may be at 'risk'

'Unparalleled' snake antivenom made from man bitten 200 times

Sam Altman’s Start-Up Launches Eye-Scanning Crypto Orbs in the U.S.

What 6 Decision-Making Experts Tell Leaders About Making Smart Choices

Today’s NYT Mini Crossword Clues And Answers For Saturday, May 3rd

A 9th planet in our solar system might be found — and no, it’s not Pluto

Science meets shape-throwing in 'Dance your PhD' contest

The Trump administration says it will cut EPA staffing to Reagan-era levels

Today’s ‘Wordle’ #1414 Hints, Clues And Answer For Saturday, May 3rd

Google Confirms Chrome Update—Now Tracks All Your Devices

Sam Altman and Elon Musk are racing to build an ‘everything app’

Google is going to let kids use its Gemini AI

Trump Threatens NPR and PBS

Meta partners with film studio Blumhouse on chatbot used during recent movie screening

TikTok fined £452million for breaching EU privacy rules by sending data to China

3 Reasons To Stop ‘Over-Intellectualizing’ Emotions, By A Psychologist

ISEE And TICO Partner To Deliver Autonomous Yard Trucks To Customers

Ryan Garcia Vs. Rally Romero Results Full Fight Card Results

Google’s Gmail Warning—Upgrade Your Email Account Today

AI Startup Decagon In Talks To Raise $100 Million At A $1.5 Billion Valuation

Android Circuit: Galaxy S25 Edge Details, Snapdragon Flagship Revealed, Pixel 10 Pro Leaks

Apple Loop: iPhone 17 Pro Leaks, Apple Watch SE Details, iPhone 17 Release Dates

Here are the best AirPods deals you can get right now

Apple issues urgent warning to 1,800,000,000 iPhone users over popular feature

Ex-New Yorkers dish on why they moved to Florida for good: ‘People thought we were crazy’

A Business Leader’s Guide To Generative Engine Optimization (GEO)

What To Watch This Weekend: New Shows And Movies To Stream On Netflix, Hulu, Prime Video, Apple TV And More

Technicolor Grief—Food Dyes And The End Of America’s Neon Snack Era

Trump&#8217;s proposed budget deals another big blow to science, clean energy, and the environment

Inside Sam Altman’s eye-scanning crypto party

U.S. robot makers hope to beat China in humanoid race. Tariffs could affect their ambitions

Self-driving trucks start making the rounds in Texas

He let snakes bite him 200 times to create a better snakebite antivenom

Can Jack Dorsey Rescue Block’s Plunging Stock?

AI And Cybersecurity: The New Administration’s 100-Day Reckoning

Scientific societies say they'll do national climate assessment after Trump dismisses report authors

Apple is working with Anthropic on an AI coding tool for Xcode

In praise of a special little bag

Firefox could be doomed without Google search deal, says executive

Money Talks

TikTok fined $600 million for China data transfers that broke EU privacy rules

Co-op cyber attack affects customer data, firm admits, after hackers contact BBC

Scientists reel as turmoil roils National Science Foundation

Why Are People Adding Jalapeños To Their Sauvignon Blanc?

The Beginning Of The Self-Driving Freight Revolution

‘Quordle’ Today: Hints And Answers For Saturday, May 3

NYT ‘Strands’ Today: Hints And Answers For Saturday, May 3

More Than Half Of All EVs Remain Costlier To Own Than ICE Cars, Study Shows

2 Relationship Deal-Breakers You Shouldn’t Ignore — By A Psychologist

How to lock down your privacy in WhatsApp

You can still snag an Xbox Series X / S before Microsoft’s price hike fully takes effect

Trump’s proposed budget deals another big blow to science, clean energy, and the environment