Sal Zappulla is facing at least 21 felony counts as a result of his alleged hacking, according to The Miami Herald. The newspaper reported that Zappulla’s contract with the wastewater treatment district was not renewed in December, following email leaks to the media that brought to light several arguments between the CFO and colleagues.
The felony charges against Zappulla include 13 counts of computer crime with intent to defraud, seven counts of modifying information without authority and one count of deleting information from the district’s computers. He also faces nine misdemeanor attempted conspiracy counts.
Local 10 News said Zappulla is alleged to have used the login and password information of current district employees to access the district’s computer system from home. Police also say Zappulla downloaded emails and files related to himself.
District officials were tipped off to the hacking after Paul Christian, the facility’s IT manager, suspected something amiss after discovering emails addressed to Zappulla’s personal email account during a routine check of the email system in February.
Local 10 News also reported that when questioned by police earlier this month, Zappulla bragged that he was able to prove the wastewater treatment district’s computers were not secure.
Questions about the security of water system computer networks have been rising lately.
Last November, there was some concern that a hacker remotely caused the water pump system in an Illinois utility system to fail. The pump was turned on and off repeatedly until it burned out.
Federal officials from the U.S. Department of Homeland Security’s Industrial Control Systems Cyber Emergency Response team and the FBI investigated the incident, but could not support the claims made by the Illinois State Terrorism and Intelligence Center that foreign hackers had gained access to the computer system.
