- How? This is a critical infrastructure facility
Posted: Mon Feb 10, 2025 9:55 am
— Wait, where were their staff looking when they monitored information security?
- Ha! You'd better ask, is there such staff here??? The last specialist was fired three years ago. According to the manager, he is not needed! He sits here, always demanding something!
— Well, yes. But when was the last time a security audit was conducted? NEVER!!! The reason is banal. Nobody wanted to pay money! As a result, the attacker gained access to SCADA systems through a publicly available remote control application that system administrators use to remotely troubleshoot a computer. Needless to say, software of this kind should not be present on critical systems? Moreover, the same password was used for remote access to all computers, and all computers were connected directly to the Internet. Moreover, they were not protected by a firewall.
— Wait, so that means that with a single password, any afghanistan whatsapp data at the station could change the chemical levels in the tap water throughout the city with a snap of a finger from anywhere on the planet?
— Exactly! Moreover, we believe that this is what happened! The change in the sodium hydroxide level in the tap water is probably the work of an insider, who could be an offended employee of the station. Most likely, the intruder already had access to the software for monitoring the water purification processes.
— It turns out that it’s not just the system administrators who need to be kicked out, but the entire management of the station?
— The management should be brought to justice. However, as well as the head of the IT department. The most interesting thing is that the station's system administrators stopped using the remote access application six months ago, but never uninstalled it.
- Ha! You'd better ask, is there such staff here??? The last specialist was fired three years ago. According to the manager, he is not needed! He sits here, always demanding something!
— Well, yes. But when was the last time a security audit was conducted? NEVER!!! The reason is banal. Nobody wanted to pay money! As a result, the attacker gained access to SCADA systems through a publicly available remote control application that system administrators use to remotely troubleshoot a computer. Needless to say, software of this kind should not be present on critical systems? Moreover, the same password was used for remote access to all computers, and all computers were connected directly to the Internet. Moreover, they were not protected by a firewall.
— Wait, so that means that with a single password, any afghanistan whatsapp data at the station could change the chemical levels in the tap water throughout the city with a snap of a finger from anywhere on the planet?
— Exactly! Moreover, we believe that this is what happened! The change in the sodium hydroxide level in the tap water is probably the work of an insider, who could be an offended employee of the station. Most likely, the intruder already had access to the software for monitoring the water purification processes.
— It turns out that it’s not just the system administrators who need to be kicked out, but the entire management of the station?
— The management should be brought to justice. However, as well as the head of the IT department. The most interesting thing is that the station's system administrators stopped using the remote access application six months ago, but never uninstalled it.