An advisory published by several federal agencies offered new insights on how an attacker might have accessed a system that allowed them to potentially contaminate water supply in Oldsmar, Fla.
(TNS) — An advisory published by several federal agencies offered new insights on how an attacker might have accessed a system that allowed them to potentially contaminate Oldsmar’s water supply.
The advisory detailed an unnamed water supply agency that was hit by a cyberattack, the attack date and details of which match what was publicly disclosed about the
Earlier this month, an attacker significantly increased levels of lye in the
At the time of the attack,
The federal advisory offered two other possible ways the attacker accessed the system: “poor password security” and outdated Windows software.
While the advisory did not explicitly say that Oldsmar’s systems were run on Windows 7 operating software, it said that version of Windows software is particularly susceptible to attack. Microsoft stopped providing updates for that version, which was originally launched in 2009, at the beginning of last year.
“Continuing to use any operating system within an enterprise beyond the end of life status may provide cyber criminals access into computer systems,” the advisory said.
Reached by phone, a spokeswoman for Oldsmar’s mayor’s office declined to comment.
Other critical infrastructure agencies have also been attacked through remote access software, it said.
The agencies recommended what experts the
(c)2021 the Tampa Bay Times (St. Petersburg, Fla.). Distributed by Tribune Content Agency, LLC.
Never miss a story with the daily Govtech Today Newsletter.