Last Friday someone was able to access the Oldsmar, Florida water treatment facility computer system and adjust the levels of sodium hydroxide, aka lye, that would be added to the water. The Tampa Bay Times has the details:
Local and federal authorities are investigating after an attempt Friday to poison the city of Oldsmar’s water supply, Pinellas County Sheriff Bob Gualtieri said.
Someone remotely accessed a computer for the city’s water treatment system and briefly increased the amount of sodium hydroxide, also known as lye, by a factor of more than 100, Gualtieri said at a news conference Monday. The chemical is used in small amounts to control the acidity of water but it’s also a corrosive compound commonly found in household cleaning supplies such as liquid drain cleaners.
The city’s water supply was not affected. A supervisor working remotely saw the concentration being changed on his computer screen and immediately reverted it, Gualtieri said. City officials on Monday emphasized that several other safeguards are in place to prevent contaminated water from entering the water supply and said they’ve disabled the remote-access system used in the attack.
The Pinellas County Sheriff’s Office is investigating, along with the FBI and the Secret Service, Gualtieri said.
Nobody has been arrested, Gualtieri said, though investigators have some leads. They do not know why Oldsmar was targeted, he said.
Though some cities obtain water through Pinellas County, Oldsmar provides water directly to its businesses and roughly 15,000 residents, Gualtieri said. The computer system at the water treatment plant was set up to allow authorized users to remotely access it for troubleshooting.
A plant operator was monitoring the system at about 8 a.m. Friday and noticed that someone briefly accessed it. He didn’t find this unusual, Gualtieri said, because his supervisor remotely accessed the system regularly.
But at about 1:30 p.m. the same day, Gualtieri said, someone accessed the system again. This time, he said, the operator watched as someone took control of the mouse, directed it to the software that controls water treatment, worked inside it for three to five minutes and increased the amount of sodium hydroxide from 100 parts per million to 11,100 parts per million.
The attacker left the system, Gualtieri said, and the operator immediately changed the concentration back to 100 parts per million.
“At no time was there a significant adverse effect on the water being treated,” the sheriff said. “Importantly, the public was never in danger.”
Even if the operator hadn’t caught it, he said, it would have taken more than a day for the water to enter the water supply.
“The protocols that we have in place, monitoring protocols, they work — that’s the good news,” said Oldsmar Mayor Eric Seidel. “Even had they not caught them, there’s redundancies in the system that would have caught the change in the pH level.
“The important thing is to put everyone on notice,” he said. “There’s a bad actor out there.”
Much more at the link, including a profound statement by Florida’s senior senator Micro Rubio.
Malcolm Nance immediately jumped to conclusions:
WARNING: A Remote access hack occurred Friday at a water treatment plant in Florida were someone remotely operated the computer controls, while staff watched and attempted to raise the amount of LYE chemicals in the water 1,000%. Both Russia & Iran have tried this before. https://t.co/D11RMlrwGL
— Malcolm Nance (@MalcolmNance) February 8, 2021
ALWAYS BET ON BLACK: Predicted? No, but I did write several warnings on Russian remote seizure attacks that seem almost identical to the Florida incident in @hackamericabook Page 102 … in 2016. Also see @TAPSTRIMEDIA & my 2015 book #HackingISIS. #GoRead https://t.co/Y8QnzYf3MO pic.twitter.com/lxXIociBME
— Malcolm Nance (@MalcolmNance) February 8, 2021
These conclusions were then picked up and broadcast to everyone by Rachel Maddow on her show this evening.
I know a little something about Oldsmar, Florida. Largely because the Balloon Juice Bunker compound in the cypress scrub is adjacent to Oldsmar. For lack of a better geographic locator, since the post office refuses to recognize Balloon Juice Bunker Compound, Cypress Scrub, FL, USA as a legitimate address*, I ACTUALLY FUCKING LIVE IN OLDSMAR!!!! And I can honestly say NO ONE WHO DOESN’T LIVE IN OLDSMAR OR NORTH PINELLAS COUNTY OR WESTERN HILLSBOROUGH COUNTY OR SOUTHERN PASCO COUNTY OR KNOWS SOMEONE WHO DOES EVEN KNOWS THERE IS AN OLDSMAR, FL!!!!!!
You can sneeze across Oldsmar if the wind is blowing the right way. Oldsmar is about a dozen stoplights running north-south and east-west at the northwestern most point of Tampa Bay. It got its name because RE Olds and his family had their winter home here, which they named Oldsmar. As in Olds by the sea. Or the sea of the Olds. And given the amount of venerable elders, Olds by the sea is an appropriate name!
I could be wrong, but I would be highly surprised if this was the Russians. I’ve been working on the Russian active measures, hybrid warfare, and political warfare problem set since January 2014 when I was assigned, under temporary assigned control, as the Cultural Advisor/Senior Civilian Advisor to the Commanding General of US Army Europe. I have published, in Special Warfare**, which is the professional journal of the Special Warfare community***, about how the Russians have probed for vulnerabilities and weaknesses in order to target a variety of utilities and the systems that control them. Three years before my article was published, in May of 2016, I included this strategic concern in a briefing I gave at FT Bragg to a room full of American and allied general officers and senior staff that partially dealt with Russia and its geo-strategic and regional strategic ambitions. My professional assessment, given what we know now, is that it is highly unlikely that this is the Russians. I have also published, just last July, on political warfare, which included this concern. This isn’t something I’ve just started thinking about today, I’ve been considering the problem off and on for over seven years as part of my professional work.
There are several reasons why I doubt this was the Russians. The first is that right now Putin does not want to do anything to further stress Russian relations with the US. President Biden and his team are not Trump and his team. And President Biden has already made it clear to Putin that he is not going to tolerate Putin’s actions the way Trump did. The second is that since almost no one in most of Florida, let alone the rest of the US knows that Oldsmar existed, at least before today, that it is a very strange place for Putin’s merry band of mischief makers to target a water treatment facility.
I think it is far more likely that either a disgruntled current or former employee of the City of Oldsmar or of Pinellas County who knew that this point of access existed and exploited it for their own purposes. Or that a local mischief maker went probing for an access point, found one, and decided it was party time. We do have a small, but sizable white supremacist, neo-NAZI, and domestic right wing extremist presence in the area, so it is also possible one fo them did it. Frankly, I wouldn’t be surprised if we find out that an actual authorized user who was teleworking and on the system stepped away from their computer for a few minutes without logging out to get something to drink or use the facilities and their cat walking across the computer desk or their toddler wanting to help daddy or mommy work unintentionally reset the levels. I think the Russians attacking Oldsmar, Florida through a water treatment facility that only supplies Oldsmar is, in my professional opinion, a big stretch. Is it possible it was the Russians? Sure. Is it probable and plausible? I think it likely improbable and implausible.
We’ll know more when we know more. And I know enough about what I don’t know to state that I could be wrong.
Open thread!
* I personally blame Louis DeJoy.
** I apologize for the random capitalizations, I’m pretty sure whoever copyedited this decided these were operational terms of art and capitalized them.
*** It was nice of them to hide their professional journal in plain sight.
Open Thread
JoyceH
My initial reaction to this story was – why on earth was this system able to be accessed remotely? Just because something is a computer doesn’t mean it has to be connected to the internet.
PaulWartenberg
Russia has declared war on OLDSMAR FLORIDA?!
As a son of PALM HARBOR (BOYZ FROM THE HARB), I cannot let this attack stand. WE CANNOT LET THIS ATTACK STAND!
SUMMON THE FLORIDA MEN AND WOMEN TO BATTLE.
PREPARE THE 15-FOOT GATORS WITH SADDLES.
UNLEASH THE LASER SHARKS.
FROM THE SHORES OF KEY WEST TO THE GYRO SHOPS OF TARPON SPRINGS TO THE HALLOWED HALLS OF THE UNIVERSITY OF FLORIDA, WE SHALL AVENGE YOU, OLDSMAR!
(starts playing “O Fortuna” in the background as orange blossoms spring to life across all of Polk County)
Adam L Silverman
@JoyceH:
via GIPHY
Adam L Silverman
Planetjanet
Now that I have word from Sir Silverman, I can sleep peacefully.
Wag
Good thing they caught this, or Oldsmar might have ended up like Flint, MI, after someone messed with their water system and unleashed the lead poisoning from libertarian hell.
SFBayAreaGal
I go for the mischievous kitty cat 🐱
Viva BrisVegas
Obviously it was Trump attempting a last ditch effort to cure the coronavirus.
Eric S.
@SFBayAreaGal: it’s not mischievous, it’s just asking for a warm lap or a full bowl. Ozzie the Cat tells me so
prufrock
Oldsmar is a string of inconvenient traffic lights that vex me as I drive between Palm Harbor and Tampa.
It is also full of nice houses that will flood in ten inches of storm surge.
Achrachno
Well, this takes all the fun out of it. No Russians attacking small towns by exotic means?
leeleeFL
I was reading this thinking, Look around for who just got canned or excessed or “encouraged” to resign.
Glad it seems to have been nipped in the bud, but I’d put in a supply of bottled water, Adam! Pretend it’s hurricane season.
ETA: Adam, is it possible someone didn’t like your articles? Just sayin’, funny how it’s where you live.
I’ll show myself out….
Doug R
“Just because you’re paranoid, doesn’t mean they’re not out to get you”.
Carlo
Agreed. Mostly because Russia (or any other national actor) has zero to gain from this attack. A local asshole.
I think the redundant systems thing is interesting.There’s a lot of threat-buzz about cyber attacks on infrastructure – power, water, etc. – but this makes me wonder how much of that is really practicable. In this case at least, there was a defense in depth. Seems as if an average nuclear power plant (say) would arrange similarly redundant safeguards.
Jim, Foolish Literalist
I didn’t think Maddow was necessarily promoting the idea that this was the Russians.
She also had a segment on this story, about the ongoing madness in Arizona
Maddow had a clip of this special creature, from the same mold that made Sarah Palin and Marjorie Taylor Greene, apparently calling for violence from the less good people of Arizona
and the quotes in the tweet capture the special word-salad delivery of Senator Townsend
🐾BillinGlendaleCA
Speaking of the mail, I ordered a filter* for my camera last Wednesday night from a company in New Jersey and it arrived today. That’s pretty good for going across the country.
*It’s called an IRChrome filter, so if you liked my Aerochrome effect, you’ll see more.
Doc Sardonic
Bust out the bass boat Cletus, we gonna go get us some gatdamn Russkies.
🐾BillinGlendaleCA
@Viva BrisVegas: Do we still have to stick a light up our ass or will the lye be OK by itself?
Honus
Ah, yeah reminds of the old days when us commie hippies were always going to put LSD in the water supply.
Mart
Nance don’t know nuthun. This is some really sophisticated digital fuckery. Clearly the work of the ghost of Hugo Chavez. First he came for Dominion, now he’s gunning for our water. Don’t say I did not warn you!
df
@Adam L Silverman:
How about a nice game of chess?Edit to add more substance: I’m honestly surprised it took this long for something like this to happen (or at least for it to become public). The capital-I Internet is a garbage fire. This is going to keep happening until we have licensure and ethics boards for software developers, laws with teeth, and adequate funding for the unsexy parts of government IT work. Count on it.
TomatoQueen
@🐾BillinGlendaleCA: Dang it the hot cocoa went right up my nose. Rotating tag nominee.
bt
It is so clearly the case that the #1 suspect will be someone who works at, or was fired from, or was a contractor at this place.
That’s who would bother, that’s who has the access.
–> It’s like when a pretty young woman is found in tragic circumstances. They don’t call the Russians in for questioning, they call the ex-boyfriend.
LongHairedWeirdo
That’s *10,000* percent – a factor of 100, times 100 per centum (per hundredth, essentially) , is 10,000%, *not* 1,000%.
sab
This happened to my college town way back before the internet. Some higher up guy was out sick and some lower down guy fucked up, and the town water supply was awful and salty for a week. Corrosive showers at home and in the dorm. Poisonous bug juice and coffee in the cafeteria. It was very inconvenient and annoying, but we got through it.
Remote access probably would have fixed it sooner, since the guy home sick could have checked on the idiot’s work.
Adam L Silverman
@leeleeFL: I have a full hurricane/emergency supply of everything all year long.
Adam L Silverman
@Doug R: Did someone tell you that about me?
Adam L Silverman
@🐾BillinGlendaleCA: Just stay away from the adrenochrome.
Adam L Silverman
@Honus: Pinellas County stopped fluoridating the water supply several years ago because one of the local cranks was being mean to the county commission about it. So they just gave him what he wanted.
ETA: They reversed the decision about a year or so later and started adding fluoride back into the water.
Adam L Silverman
@LongHairedWeirdo: I didn’t write the article, I just copied and pasted it.
Ken
@Carlo: Probably my own fault for not reading the original sources, but I’m not seeing the “defense in depth” here. Had they not had an operator watching the screens, when and how would this have been detected? For example, would the system page the operator(s) to alert them (as is fairly common in, among other things, cloud ops).
RepubAnon
Obviously it was an attack by Hillary’s e-mail server, which has joined Antifa and is now hiding on Hagbard Celine’s submarine.)
(/snark, just so it doesn’t start a new conspiracy theory)
sdhays
@Adam L Silverman: 😲 Wow. That’s just…wow.
Adam L Silverman
@Ken: From the quoted section of the reporting in my post:
Adam L Silverman
@sdhays: I double checked, apparently they started putting it back in about a year or so after they stopped.
Omnes Omnibus
@Adam L Silverman:
Dude, everyone knows.
Bill Arnold
Fluoride, Third Eye and the Conspiracy Against Humanity (Youtube, Jul 4, 2016, 8:00)
(This is gloriously non-American (India – Varanasi), a guy on a plush-velvet(?)/golden throne, and is about calcification of the pineal gland, which is a real thing.)
Omnes Omnibus
@Adam L Silverman: Those redundancies don’t seem very efficient. I though we were supposed to want everything to run like a business.
Ken
@Adam L Silverman: I saw that, but I was thinking of something in the software that would alert them to prevent the damage, instead of detecting it after the water’s already been contaminated. You want that anyway, in case the legitimage operator accidentally enters a number wrong.
Of course the chemical sensors are still a necessary backup, because of the hippies and their ell ess dee.
Ken
@Omnes Omnibus: For running municipal utilities like a business, see above reference to Flint Michigan.
Mallard Filmore
@🐾BillinGlendaleCA:
The light activates the lye.
Omnes Omnibus
@Ken: Remember when missed your snark?
Adam L Silverman
@Omnes Omnibus: Not me. I’m not even sure I want business to run like a business.
Adam L Silverman
@Ken: I have no idea.
🐾BillinGlendaleCA
@Omnes Omnibus: I’m going to branch out from my photography business and go into snark detector sales and service.
mrmoshpotato
@PaulWartenberg:
Yes please.
LeftCoastYankee
They took immediate countermeasures. The password for account “admin” is now 2345.
danielx
@PaulWartenberg:
Instead of WOLVERINES! we shall have GATORS! and CROCs!
The latter being the reptilian kind, not the ridiculous footwear.
Adam L Silverman
Send in the clowns…
danielx
@Adam L Silverman:
Will there be live bats, a la Ozzy?
🐾BillinGlendaleCA
@danielx: With Gym Jorden being on the team, yes.
mrmoshpotato
@danielx: What about gators wearing Crocs?
Adam L Silverman
@danielx: Possibly.
NotMax
As someone who has used TeamViewer* something smells rotten in the state of Florida.
1) An app like that has no business being installed on a computer in such an office.
2) Unless the program has been opened on both the computer there and the remote computer I cannot fathom how it could be used to gain access**. Why was it turned on (actively running) at the water plant facility? And by whom?
.
*makes it infinitely easier to diagnose/fix Mom’s computer on the rare occasion when she has concerns or a problem crops up over trying to have her describe stuff and walk her through steps over the phone.
**not saying it is impossible if it is not already actively running on the accessed computer but it does intuitively belie belief, as TV generates a new random password each time it is opened which must be used by the remote computer to gain access.
mrmoshpotato
@Adam L Silverman: Great googly moogly! I might have to watch this shitshow just for the comedy of errors from these morons.
Adam L Silverman
@mrmoshpotato: How much booze, popcorn, pretzels, and other snacks can you have delivered by tomorrow morning?
danielx
@mrmoshpotato:
Florida: anything is possible.
SiubhanDuinne
@mrmoshpotato:
What about Crocs-wearing gators wearing gaiters?
Adam L Silverman
@SiubhanDuinne: I hear you were looking for me…
NotMax
@NotMax
Amended.
1) An app like that has no business being installed on a computer in such an office. Who downloaded and installed it? And when?
Adam L Silverman
@NotMax: If they report who did, I’ll update with a new post.
mrmoshpotato
@Adam L Silverman: Enough to feed a small army probably given the ridiculous amount of delivery services today.
Redshift
@Adam L Silverman:
And possibly more important, all unrepentant defenders of the Big Lie that the election was stolen. Lawyers for The Orange One may not be willing to risk their professional reputations and legal sanctions by bringing it up, but I doubt these clowns will be able to resist.
If Trump demands that GOP senators openly endorse that to support acquittal, we may yet see a conviction. (Hey, I can hope, especially with the spate of retirement announcements!)
Adam L Silverman
@mrmoshpotato: Pace yourself.
mrmoshpotato
@SiubhanDuinne: Yes.
🐾BillinGlendaleCA
@NotMax: In all probability, they’re using Remote Desktop access built into Windows 10 Pro, they probably have it on so that someone, like a supervisor, with elevated network permissions can authorize some changes that the regular operator doesn’t have the permissions to do.
Adam L Silverman
@Redshift: Between the House chuckleheads, the attorneys he’s hired – the Orthodox Jewish one who asked to be accommodated because he’s shomer shabbos (literally guardian of the Sabbath meaning he won’t work from sundown Friday to sundown Saturday) has now withdrawn that request after the Senate granted the accommodation. It appears he was hoping they’d deny it so he could be performatively outraged and when they didn’t, he couldn’t, so he’s decided he can suddenly work on Saturday after all, and the Senate Republican anti-constitution caucus, this is going to be a Category 5 Shitshow.
🐾BillinGlendaleCA
@Adam L Silverman: You know what you did.
Another Scott
Bingo.
The description sounds like some sort of VNC access was available to the control computer in question. Some average joker isn’t going to know what to do if they come across some weird control software for a water treatment plant.
There isn’t some big virtual knob that says – “Turn me to poison the city!!11”. Someone would have to be familiar with the software and the plant for this to be remotely plausible as a malicious act.
My (uninformed) guess is that your quoted scenario is most likely accurate.
Plus, messing with a water treatment plant as some sort of evil hack is stupid. Any adulteration is diluted because of the vast amounts of water involved. Unless they plan to go into the homeopathy business or something…
Cheers,
Scott.
smike
@TomatoQueen:
Now that’s a tag line!
Adam L Silverman
@🐾BillinGlendaleCA: And I’d do it again…
Adam L Silverman
@Another Scott: Thank you for your support.
danielx
@Adam L Silverman:
A total fucking circus, which is exactly the sort of show preferred above all else by He Who Must Not Be Named.
piratedan
@Adam L Silverman: so we can expect the same bad faith bullshit kabuki from the same bad faith actors… problem is, this time they won’t be on Fox News or Newsmaxx and get to spar with passionate Dems who appear to be inclined to cut a motherfucker.
I look forward to watching them propose the Montoya defense of “you keep using that word but I don’t think it means what you think it means”..
Starboard Tack
@Adam L Silverman:
Oh, the sincerety!! (sob)
LongHairedWeirdo
@Adam L Silverman:
Adam, I *never* would have thought you’d make that mistake; off by a full order of magnitude? No way. (Well, maybe, if you confessed to being shy on sleep and just slipped a decimal place, but then you’d have already corrected the error.)
That was copied/pasted from a tweet (referenced in the post), and with my math background, I couldn’t let the mistake pass.
egorelick
I’m somewhat skeptical that safeguards were in place to prevent this from getting to the public. That might be so, but it’s also the kind of thing you say to minimize an incident that may have turned into a tragedy. IOW, it’s easy to say when nothing bad happened without actually backing up that assertion with a detailed explanation about how that backup safety measure actually would work. Also, does noone else find it a convenient coincidence that this supposedly non-Russian hack targeted the very town Mr. Silverman lives in?
mdblanche
I dunno. Oldsmar is awfully close to St Petersburg…
Clearly a Russian operation to take out Balloon Juice’s leading security expert.
NotMax
@BillinGlendaleCA
Early reporting, so subject to change, but –
LongHairedWeirdo
@RepubAnon:
Too late; there are wingnuts with depth charges patrolling Lake Michigan already, as part of the latest Trump boat parade.
@SiubhanDuinne: Or worse, an alligator in the house?
NotMax
@piratedan
“Only the best hires.”
//
Adam L Silverman
@danielx: Yep.
Adam L Silverman
@piratedan: Pretty much.
Adam L Silverman
@Starboard Tack: I have not forgotten that I owe you a post.
JaySinWA
@NotMax: Jebuss, from the article:
Management authorized and used remote access. They were going for ease of use and convenience, not security.
As to the culprit, if it was targeted then someone local, or a cat/baby attack by someone with authorized access. But it is entirely possible that someone scanning open ports hit a target of opportunity not knowing where it was located. More like the kid in the Wargames reference but possibly with more malice.
Adam L Silverman
@LongHairedWeirdo: No worries. As for short on sleep, I’m getting ready to rack out as I’m still catching up from Sunday. We had a really heavy storm front come through starting around 4 AM. The first squall line wasn’t too bad and was moving fast. But about 20 minutes after it moved off to the east we got slammed for almost two hours. High winds making the freight train coming down the tracks sound, which was disconcerting because we were under a tornado watch that had started around minute and was up through 7:30 AM. Then there was the torrential driving rain and the very small hail. And finally the persistent, steady thunder and lightning punctuated by some real thunderclaps. My lab mixes were exceedingly upset and spent almost three hours sitting on me. So I didn’t get much sleep. Last night I got a good night’s sleep, but one more tonight should stand me back in good stead.
danielx
So…pissed off current or former employee with some technical smarts who a) has a shit ton of water stored for everything – drinking, cooking, bathing or b) doesn’t get their water from the same source and c) had enough access, one way or another, to pull this off. Plus d) being more fucked up than Rocky the Flying Squirrel and (maybe) e) could have picked up the technical knowledge needed from anywhere on the internet, possibly by an untraceable method.
Or it could be a random nutcase doing this for unknown reasons, or a group of nutcases, or…
We have a matrix! Shit, they’ll have this solved by Wednesday.
In truth, seems like something that could be solved pretty quickly with the right software forensics, but I’m totally rambling and clueless.
Adam L Silverman
@egorelick: My brother is Mr. Silverman. He doesn’t live here.
Adam L Silverman
@mdblanche: Oldsmar isn’t that close to St. Petersberg. About 18 miles as the crow flies, but a good 35 to 40 minutes as the roads allow us to drive.
Starboard Tack
@Adam L Silverman:
Whenevz.
Adam L Silverman
@danielx: Given Oldsmar’s small size and location, one could live in 1/2 a dozen different municipalities or unincorporated parts of Pinellas County and be two feet from parts of Oldsmar. And, as a result, be on Pinellas County’s or Hillsborough Counties water system. So an insider threat wouldn’t necessarily need to stockpile water if they lived in Safety Harbor, Palm Harbor, Ozona (I still have no idea what Ozona is, but I think it is where they make the ozone), Lake Tarpon, and unincorporated Hillsborough County just over the county line on Racetrack Road and Tampa Road.
Adam L Silverman
@Starboard Tack: Sometime this week depending on whether the pro-Trump extremists who are determined to strike in the US don’t do something really stupid and really bad during the impeachment.
Adam L Silverman
Time for me to rack out. Catch everyone on the flip.
NotMax
@JaySinWA
F.B.I. already knock knock knocking on Matthew Broderick’s door as a “person of interest?”
//
NotMax
@Adam L. Silverman
Thought that was Ozone Park.
;)
Martin
I don’t think the point is that Russia was trying to hack Oldsmar. I think the point is that US infrastructure security is terrible, and even if we do find out it was someone sitting on their bed who weighs 400lbs, that’s not better because it implies that if a nation state did try to attack infrastructure, they’d have an even easier time of it.
Amir Khalid
@Adam L Silverman:
Does Trump know any lawyers who are not clowns?
Martin
@Amir Khalid: Oh, sure. But only clown lawyers would take Trump as a client.
Stephen
One of the earliest attacks was in Australia, in 2000. It’s documented here:
http://web.mit.edu/smadnick/www/wp/2017-09.pdf
Bruce K in ATH-GR
@Amir Khalid: Roy Cohn wasn’t a clown, was he? Dangerous and evil, but not a clown.
Amir Khalid
@Bruce K in ATH-GR:
Ah yes, Roy Cohn. Too bad he’s now post-life and unavailable to defend Trump.
Sloane Ranger
At this stage it’s too early to speculate about motivation. It could be another country, if not Russia, perhaps Iran or a terrorist group, either foreign or domestic, or a pissed off employee or ex employee or the cat/toddler or it could even be some true believer in the lye kills coronavirus myth your ex President put out there who genuinely believes they were performing a public good.
It’s important at the start of an investigation not to lock yourself into any specific hypothesis as this can lead the investigation down the wrong path.
mrmoshpotato
HaHAHa! So good.
NotMax
@mrmoshpotato
If we must go that route, go all the way: Qrazypants.
mrmoshpotato
@NotMax: Agreed.
sab
Thre is a new front page post. Why no little blue frosted arrows to the right?
Phylllis
Thread about dead, but have to chime in to say I know where Oldsmar is, being from Parrish*, FL.
*Home to Mr. Stealer of Nancy Smash’s lecturn. Can confirm, goober central.
Geeno
You’re being modest, Adam. They were after you the whole time.
PaulWartenberg
@LeftCoastYankee:
dammit you know perfectly well the security protocols for passwords is now 8-character minimum with at least one Upper case and one Lower case letter.
The new admin password is undoubtedly 1234Abcd. DUH.
J.
@PaulWartenberg: I am looking forward to the TV movie.
KrusherKing
@PaulWartenberg: Huh! Iive at the Ozona end of PH, feet from Dunedin.
KrusherKing
@Adam L Silverman: Ozona is a charming little bit of Palm Harbor, very old Florida, that contains some nice restaurants, including the world famous Ozona Pig, a really extensive antique/junk shop and a marina. It is strictly legal to travel around the streets of Ozona in a golf cart–it’s that small. once met an extremely amiable drunk who was driving a golf cart around Ozona at 6:00 AM. No street is wider than one lane in each direction. I
https://www.ozonavillagefl.us/
wenchacha
Is there a summary description of the Malcolm Nance/Naveen Jumali stuff on Twitter and elsewhere? Should I take their appearances in pundit shows with a few chunks of Himalayan salt?I
Thanks!
Thanks
Uncle Cosmo
Even paranoids have real enemies.
(Henry the K, referring to Tricky the Dick back in the day…)
The Moar You Know
Shame I missed this until this morning. My specialty.
This could have been anyone. It is almost certainly NOT a state actor as Adam says.
The security breakdown: they had a commercial remote access program, TeamViewer, running on a machine so that they could come in from outside and do their work thing (i.e. everyone working there has been on a down-low “work from home” program for quite some time, likely long before the plague).
The second security breakdown: there’s no reason for a facility like this to have internet connectivity at all. Oh sure, the office folks gotta have their email and you probably want to give the employees some wifi because the job is boring AF, but the plant control systems should be on a completely separate (physically and logically) network. Setting it up this way is not hard. It’s actually a lot easier for maintenance in many ways.
And yet, almost every infrastructure sector in this country has this because nobody wants to get up at two in the morning and drive in just to see what the alarm is. That particular form of laziness has got to stop.
By “every infrastructure sector” I mean all of them. Harmless water treatment plants like this, but also some truly scary-ass stuff like refineries, chemical plants – the kinds of places where fucking with a setting on a operating parameter can cause explosions and leaks of the kind of shit that an kill everything it touches. Again, this form of laziness has to stop. Unplug the networks and get bodies in the seats where the control systems are.
TeamViewer isn’t very secure, but then again not any of these telework programs are. The military is FINALLY taking action on this, but of course for right now we actually need them as there’s a lot of workspaces where people should not be entering unless they absolutely have to. That will look a lot different by this summer.
Running down the clown who did this will be easy to impossible depending on how smart they were. I rarely see a lot of smart attacks in my work, so I’m guessing 48 hours. I will differ with Adam’s analysis in only one major way – this wasn’t a current employee who just wandered off for a cuppa joe and had a cat do the laptop dance while they were gone. This was an outsider.
Shame you all missed the analysis from the forensics/security guy. Oh well. My best work always remains unread.
WaterGirl
@The Moar You Know: I read it!
Captain C
@Bill Arnold: A friend of mine is…very into this guy.
Adam L Silverman
@KrusherKing: I’ve been there, I was just being a smartass.
Adam L Silverman
@wenchacha: They’re both pretty solid. But there are times that Nance gets too far ahead of the information because it fits the analytical structures he’s built and is promoting.
It happens to everyone now and then.
Adam L Silverman
@The Moar You Know: I was being a bit facetious about the cat and the toddler. I don’t think that’s very plausible or probable either.
Boris Rasputin (the evil twin)
@Adam L Silverman: Wouldn’t you like to know?