David Greenfield, Director of Content
Not long ago, most cyber-attacks on industry happened largely behind the scenes. The companies whose systems were breached rarely went public about the event and if information about these events was ever discussed publicly, it was usually years after the event and few specific details beyond the nature of the attack were ever revealed.
But that’s been changing as cyber-attacks have become more brazen and threaten the public at large. For example, on February 5, 2021, we learned about the remote access intrusion into the control system at a water treatment facility in Oldsmar, Fla., about 13 miles from Raymond James Stadium in Tampa where the Super Bowl was held just two days later.
As an industry observer, one of the more shocking aspects of the Oldsmar hack is that the only thing that stopped it was an observant operator who noticed some unusual changes being made to the facility’s control system. Though remote access to this system was allowed, apparently no user authentication or high-level security methods were employed to restrict access by unauthorized users. And because the operator who noticed the changes received no alerts about them—he just happened to notice that the changes being made were unusual—it’s not unreasonable to assume the facility had no effective anomaly detection or intrusion technologies in place either.