Security News > 2021 > February > Hack Exposes Vulnerability of Cash-Strapped US Water Plants
A hacker's botched attempt to poison the water supply of a small Florida city is raising alarms about just how vulnerable the nation's water systems may be to attacks by more sophisticated intruders.
The nation's 151,000 public water systems lack the financial fortification of the corporate owners of nuclear power plants and electrical utilities.
Gualtieri said Tuesday that water goes to holding tanks before reaching customers, and "It would have been caught by a secondary chemical check." He did not know if the hacker was domestic or foreign - and said no one related to a plant employee was suspected.
There's been an uptick in hacking attempts of water treatment plants in the past year, the cybersecurity firm FireEye said, but most were by novices, many stumbling on systems while using a kind of search engine for industrial control systems called Shodan.
A 2020 paper in the Journal of Environmental Engineering found that water utilities have been hacked by a variety of actors, including amateurs just poking around, disgruntled former employees, cybercriminals looking to profit and state-sponsored hackers.
In May, Israel's cyber chief said the country had thwarted a major cyber attack the previous month against its water systems, an assault widely attributed to Iran.