Infrastructure Intrusion: America Under Attack

The February 2021 remote cyber attack to the water treatment system for the city of Oldsmar FL, could have put put 15,000 residents at risk. The fact that the attacker was able to get that far shows just how vulnerable America’s critical infrastructure and government environments are to remote cyberattacks.
The February 2021 remote cyber attack to the water treatment system for the city of Oldsmar FL, could have put put 15,000 residents at risk. The fact that the attacker was able to get that far shows just how vulnerable America’s critical infrastructure and government environments are to remote cyberattacks.

Guest OpEd by Chris Risley, CEO at Bastille Networks

It could have been worse. Much, much worse.

On February 5th, 2021, the city of Oldsmar, Florida was targeted for a cyberattack.

The intruder remotely hacked into the computer network of the city’s water treatment system and attempted to poison it with lye, putting 15,000 residents at risk.

The attack came to light when an employee noticed someone had control of his computer.

The intruder was able to compromise TeamViewer, a remote access program and take command of the employee’s computer mouse.

The employee sounded the alarm when he noticed an increase in the levels of lye.

Fortunately, the attack was mitigated.

But the fact that the attacker was able to get that far shows just how vulnerable America’s critical infrastructure and government environments are to remote cyberattacks.

(Learn More from Sheriff Bob Gualtieri of the Pinellas County Sheriff’s Officeon investigations after a hacker attempted to poison the water supply to the city of Oldsmar on February 5. Courtesy of Bloomberg Quicktake: Now and YouTube. Posted Feb 8, 2021.)

IoT Invasion

The threat of remote attacks has risen dramatically in the age of the Internet of Things (IoT).

It is estimated there are 15 billion IoT devices with radio frequency (RF) communication interfaces, making them vulnerable to RF attacks.

These devices can be found throughout the enterprise and include office equipment and personal wearables.

Among the most vulnerable devices are wireless mice and keyboards.

The MouseJack, KeyJack and KeySniffer threat discoveries uncovered glaring RF vulnerabilities in these devices that attackers could compromise to gain access to a system remotely by radio.

The research underscored the fact that millions of IoT devices are being used by individuals and enterprises with wireless protocols that have not been through sufficient security vetting, putting them at increased risk of an attack.

(See how Bastille’s research team discovers vulnerability effecting non-bluetooth wireless mice and keyboards by major manufacturers. Courtesy of Bastille and YouTube.)

In the case of Oldsmar, the key to the attack was that the attacker took control of the target’s mouse and adjusted the amount of lye being added to the water.  

The hazards of a potential RF attack is so disturbing that the Department of Homeland Security has allocated funds to equip IT and system administrators with real-time situational awareness of RF breaches.

The Rise of RF Attacks

The U.S. government has embraced and prepared for RF espionage attacks because China, North Korea and Russia are very sophisticated at exploiting RF techniques.

With this increased RF threat landscape, cyber attackers looking to target infrastructure have multiple avenues in which to conduct their nefarious deeds.

One of the more high-profile RF infrastructure attacks occurred in Dallas, Texas.

Using radio frequencies, a hacker was able access the Dallas emergency system and set off 150 weather sirens across the city for 90 minutes.

(A search was underway for a hacker who caused panic and confusion in Dallas by triggering all of the city’s emergency sirens, intended to warn people of incoming severe weather. Courtesy of CBS This Morning and YouTube. Posted on Apr 10, 2017.)

While ultimately harmless, the Dallas hack served as a warning that radio frequency is a productive entry point for hackers to carry out far more serious attacks on critical infrastructure.

Which brings us back to the attack in Oldsmar…

Preparing for an Attack

What’s particularly concerning about the Oldsmar attack is the fact that it happened in such a small city.

While there’s widespread recognition of the need to eliminate potential intrusions and attacks, there’s limited adoption and enforcement of security policies to combat bad actors.

This is especially true for smaller cities and towns across the country that may not have advanced security in place, making them very attractive to cybercriminals.

And while an attack on a city like Oldsmar may seem tiny compared to a major metropolitan city, the fact that 15,000 residents could have been poisoned is something that every city, regardless of size, needs to take extremely seriously.

So, what can be done to prevent the next Oldsmar scenario or worse?

With lives literally at stake, it is more important than ever for critical infrastructure to adopt the latest technologies and provide multiple layers of protection.
With lives literally at stake, it is more important than ever for critical infrastructure to adopt the latest technologies and provide multiple layers of protection.

It starts with a complete review of existing security postures.

Many critical infrastructures were designed decades ago without security in mind. Some still use traditional means of security such as firewalls or VPN’s that are no match for the sophistication of today’s threats.

With lives literally at stake, it is more important than ever for critical infrastructure to adopt the latest technologies and provide multiple layers of protection.

In protecting against RF threats, the adoption and implementation of tools that provide complete visibility into the RF airspace is imperative.

It is also crucial to remove unnecessary devices, components and interfaces, and to be vigilant in patching those vulnerable devices and components.

Further, particularly for critical infrastructure, remote access tools should never be accessible from the outside.

The Oldsmar attack is proof of the threats facing America’s infrastructure.

Whether this was a standalone incident or a dress rehearsal for a larger attack is unknown.

One thing is for certain: these types of incidents will continue and if our critical infrastructure is not prepared, these attacks will only get worse.

About the Author

Chris Risley, Chief Executive Officer at Bastille
Chris Risley, Chief Executive Officer at Bastille

Chris Risley has over 25 years of software business experience during which he has led nine venture-backed startups resulting in one IPO and four sales to public companies.

Most recently Risley was CEO of Defense.Net which sold to F5 Networks. Prior to this Chris was Chairman of StreamBase which sold to TIBCO.

Risley was also CEO of Digital Reef until it was acquired by TransPerfect in late 2012. Before that Risley was CEO of Nominum, Inc. acquired by Akamai, Risley’s background also includes service as CEO of NewChannel, an eBusiness service provider sold to LivePerson, and as Chairman and CEO of ON Technology Corp., a network security software provider acquired by Symantec.

Related Technologies…

Cellbusters and CHERRY Americas Take Platinum in 2020 ‘ASTORS’ Awards

American Security Today’s ‘ASTORS’ Homeland Security Awards program is now in its Sixth Year and continues to recognize the Outstanding Innovations of top firms and agencies in the Homeland Security and Public Safety fields.

2020 was a very challenging year for everyone due to the COVID-19 pandemic and the much heralded AST ‘ASTORS’ Awards Winners Presentations and exclusive Luncheon at the Jacob Javits Center in NYC had to be canceled and rescheduled for 2021 due to the virus.

Mike Madsen, Publisher, American Security Today
Mike Madsen, Publisher, American Security Today

However, the 2020 ‘ASTORS’  Homeland Security Awards Program was again a huge success and many new categories were added including a section for COVID-19 Detection and Innovation.

Cellbusters

Best Cell Phone Detection Solution

  • Zone Protector

  • The Zone Protector™ from Cellbusters provides maximum protection for your environment by continuously scanning for cell phone and user selectable RF transmissions, and is far more sophisticated than a cell phone detector.

  • Comparable to a spectrum analyzer, the Zone Protector™ has the ability to scan user-definable frequency ranges along with the ability to alert, notify, control a third party device, or simply log as soon as it detects relevant transmission activity.

The Zone Protector™ is the ultimate detection device. It is capable of detecting all cell phones (any carrier and any protocol in all countries) when the phone is in standby mode, texting, making a call or transmitting data.
The Zone Protector™ is the ultimate detection device. It is capable of detecting all cell phones (any carrier and any protocol in all countries) when the phone is in standby mode, texting, making a call or transmitting data.
  • Precise frequency filtering technology, managed and controlled by a 32-bit microprocessor, enables the Zone Protector™ to deliver accurate detection with virtually zero false positives.

  • Once cellular or appropriate RF activity is detected, the Zone Protector™ can be set to activate a choice of alerting options or to silently log all detected activity.

  • Additionally, Cellbusters Zone Protector has now been updated to detect 5G phones, proving a leading edge in the market, and protects investment in this technology for years to come.

  • *Cellbusters was also recognized in the 2019, 2018 and 2017 ‘ASTORS’ Awards Programs.

CHERRY Americas

Best Smart Card/Reader System

CHERRY SmartTerminal ST-1144
Smart, stable and can be operated with one hand. The SmartTerminal ST-1144 reads and writes your chipcards and with extremely low power consumption to boot.
  • Today, it is impossible to imagine access control to sensitive areas without smart cards. CHERRY’s SmartTerminal ST-1144 with USB connection supports allows user to protect sensitive data in a straight-forward and reliable way.

  • Whether access controls, network logon, or chip card-based internet transactions – the SmartTerminal ST-1144 makes a valuable contribution to protecting sensitive data.

  • The Department of Defense has been relying on CHERRY’s smart card terminals for many years.

  • The SmartTerminal ST-1144 is durable and robust, and is designed for around 100,000 mating cycles.

  • SECURE BOARD 1.0: The go-to first step of data security is usually through the use of passwords – which are unfortunately all too easily forgotten, changed too rarely or accidentally disclosed to third parties due to negligence – with all the negative consequences.

CHERRY SECURE BOARD 1.0 Contact/contactless card reader and encrypted key transmission
CHERRY SECURE BOARD 1.0 – Contact/contactless card reader and encrypted key transmission
  • This TAA Compliant security keyboard ensures maximum protection from “BadUSB” attacks via use of a secure mode, meaning that the authenticity of the device is verified on a certificate-based basis, and the key transmission is encrypted.

  • The SECURE BOARD 1.0 makes it impossible for hardware keyloggers to access sensitive access data and passwords by blocking the standard keyboard channel, “BadUSB” attacks are a thing of the past: USB sticks that log onto the system as a keyboard cannot inject uncontrolled entries and malicious codes.

  • The SECURE BOARD achieves higher security through two-factor authentication using a smart card. As a rule, the terminal with which the card is read out is required when processing smart card data.

CHERRY KC 1000 is rock-solid CHERRY technology with an excellent price/performance ratio. Modern, flat design with gentle, quiet and durable wear-resistant keys. Universal, reliable and optimized for professional use.
CHERRY KC 1000 is rock-solid CHERRY technology with an excellent price/performance ratio. Modern, flat design with gentle, quiet and durable wear-resistant keys. Universal, reliable and optimized for professional use.
  • KC 1000: The CHERRY KC 1000 keyboard features an integrated high-quality Smart Card terminal. These reliable and long-life keyboards feature an intelligent and ergonomic design, secure PIN entry, state-of-the art security technology and a USB connection.

  • These keyboards are known for long-lasting reliable operation – over 10 million key operations The KC 1000 keyboard is also a leading solution for government security applications.

  • *CHERRY was also recognized in the 2017 and 2016 ‘ASTORS’ Awards Programs.

The 2020 ‘ASTORS’ Awards Program was sponsored by ATI SystemsAttivo NetworksAutomatic SystemsDesktop Alert, X.Labs and Reed Exhibitionsevery one a returning Sponsor from 2020, 2019 and More.

Nominations are now being accepted for the 2021 ‘ASTORS’ Homeland Security Awards at https://americansecuritytoday.com/ast-awards/.

Comprehensive List of Categories Include:

Access Control/ Identification Personal/Protective Equipment Law Enforcement Counter Terrorism
Perimeter Barrier/ Deterrent System Interagency Interdiction Operation Cloud Computing/Storage Solution
Facial/IRIS Recognition Body Worn Video Product Cyber Security
Video Surveillance/VMS Mobile Technology Anti-Malware
Audio Analytics Disaster Preparedness ID Management
Thermal/Infrared Camera Mass Notification System Fire & Safety
Metal/Weapon Detection Rescue Operations Critical Infrastructure
License Plate Recognition Detection Products And Many Others!
COVID Innovations And Many Others!

 

Don’t see a Direct Hit for your Product, Agency or Organization?

The World Health Organization (WHO) declared the 2019–20 coronavirus outbreak a Public Health Emergency of International Concern (PHEIC) on 30 January 2020 and a pandemic on 11 March 2020. Local transmission of the disease has occurred across all fifty states in the America.

With the unprecedented occurrence of the COVID-19 pandemic, the focus of the safety and security industries has realized the need to increase innovations to address the daily growing challenges.

As such AST aims to make sure these firms and professionals are reflected in the 2021 ‘ASTORS’ Awards Program, so we’d like to encourage you to submit appropriate categories recommendations and include COVID-19 Frontline Professionals in your Nominations to see that these Professionals, Facilities, and Vendors receive the Recognition they Deserve!

Submit your category recommendation for consideration to Michael Madsen, AST Publisher at: mmadsen@americansecuritytoday.com.

Why American Security Today?

The traditional security marketplace has long been covered by a host of publications putting forward the old school basics to what is Today – a fast changing security landscape.

The traditional security marketplace has long been covered by a host of publications putting forward the old school basics to what is Today – a fast changing security landscape.

American Security Today is uniquely focused on the broader Homeland Security & Public Safety marketplace with over 75,000 readers at the Federal, State and local levels of government as well as firms allied to government.

American Security Today brings forward a fresh compelling look and read with our customized digital publications that hold readers eyes throughout the story with cutting edge editorial that provides solutions to their challenges.

Harness the Power of the Web – with our 100% Mobile Friendly Publications

AST puts forward the Largest and Most Qualified Circulation in Government with Over 75,000 readers on the Federal, State and Local levels.
AST puts forward the Largest and Most Qualified Circulation in Government with Over 75,000 readers on the Federal, State and Local levels.

The AST Digital Publications is distributed to over 75,000 qualified government and homeland security professionals in federal, state and local levels.

‘PROTECTING OUR NATION, ONE CITY AT A TIME’

AST Reaches both Private & Public Experts, essential to meeting these new challenges.

Today’s new generation of public safety and security experts need real-time knowledge to deal with domestic and international terrorism, lone wolf attacks, unprecedented urban violence, shifts in society, culture and media bias – making it increasingly difficult for Homeland Security, Law Enforcement, First Responders, Military and Private Security Professionals to implement coordinated security measures to ensure national security and improve public safety.

American Security Today

These experts are from Government at the federal, state and local level as well as from private firms allied to government.

AST provides a full plate of topics in our AST Monthly Magazine Editions, AST Website and AST Daily News Alerts, covering 23 Vital Sectors such as Access Control, Perimeter Protection, Video Surveillance/Analytics, Airport Security, Border Security, CBRNE Detection, Border Security, Ports, Cybersecurity, Networking Security, Encryption, Law Enforcement, First Responders, Campus Security, Security Services, Corporate Facilities, and Emergency Response among others.

AST has Expanded readership into integral Critical Infrastructure audiences such as Protection of Nuclear Facilities, Water Plants & Dams, Bridges & Tunnels, and other potential targets of terrorism.

Other areas of concern include Transportation Hubs, Public Assemblies, Government Facilities, Sporting & Concert Stadiums, our Nation’s Schools & Universities, and Commercial Business Destinations – all enticing targets due to the large number of persons and resources clustered together.

To learn more about the 2020 ‘ASTORS’ Homeland Security Award Winners solutions, Check Out the New 2020 ‘ASTORS’ CHAMPIONS Edition Fully Interactive Magazine – the Best Products of 2020 ‘A Year in Review’.

The Annual CHAMPIONS edition includes a review of the ‘ASTORS’ Award Winning products and programs, highlighting key details on many of the winning firms products and services, includes video interviews and more.

It is your Go-To source throughout the year for ‘The Best of 2020 Products and Services‘ endorsed by American Security Today, and can satisfy your agency’s and organization’s most pressing Homeland Security and Public Safety needs.

From Physical Security (Access Control, Critical Infrastructure, Perimeter Protection and Video Surveillance Cameras and Video Management Systems), to IT Security (Cybersecurity, Encryption, Data Storage, Anti-Malware and Networking Security – Just to name a few), the 2020 ‘ASTORS’ CHAMPIONS EDITION has what you need to Detect, Delay, Respond to, and Mitigate today’s real-time threats in our constantly evolving security landscape.

It also includes featured guest editorial pieces from some of the security industry’s most respected leaders, and recognized firms in the 2020 ‘ASTORS’ Awards Program.

  • For a complete list of 2020 ‘ASTORS’ Award Winners, click here.

For more information on All Things American Security Today, and the 2021 ‘ASTORS’ Awards Program, please contact Michael Madsen, AST Publisher at mmadsen@americansecuritytoday.com.

AST strives to meet a 3 STAR trustworthiness rating, based on the following criteria:

  • Provides named sources
  • Reported by more than one notable outlet
  • Includes supporting video, direct statements, or photos

Subscribe to the AST Daily News Alert Here.