Florida water hack highlights risks of remote access work without proper security

Cybersecurity experts have long warned that insecure remote work software is a major source of weakness for hacking.

a man in a military uniform: Pinellas County Sheriff Bob Gualtieri addresses the hack to the Oldsmar, Florida's water facility's control systems through remote access software.

© Pinellas County Sheriff’s Office via AP
Pinellas County Sheriff Bob Gualtieri addresses the hack to the Oldsmar, Florida’s water facility’s control systems through remote access software.

The issue was brought into stark relief on February 5, when hackers gained access to a Florida water treatment facility by using a dormant remote access software and then tried to poison the water supply. The hack was quickly caught by a human operator at the facility, but the incident highlights a potential economy-wide problem as the Covid-19 pandemic has pushed millions of workers to work from home.

“The problem is not the fact that remote software existed. I think the problem is that an adversary got hold of the credentials such that the adversary was able to access it,” said Damon Small, Technical Director of Security Consulting at NCC Group North America.

“What it underscores, speaking as an information security professional, is the need for strong authentication when critical infrastructures are going to use these sorts of remote access systems.”

As CNN has reported, the treatment plant had used multiple computers running an aging version of Microsoft Windows to monitor the facility remotely. All of the computers shared a single password to access an apparently disused version of the plant’s remote management software.

According to Pinellas County Sheriff Bob Gualtieri and a Massachusetts government advisory to public water suppliers, the hackers gained access to the water facility’s control systems through remote access software known as TeamViewer.

Martina Dier, a spokesperson for TeamViewer, said an investigation found no evidence of suspicious activity on its platform.

Why remote work can lead to hacks

The rise of remote work has provided flexibility for people to work without risking large gatherings of coworkers. But it has also left workers more vulnerable to targeted attacks. And, in some cases, it has put previously secured work functions online, accessible to anyone with the right credentials.

Eric Cole, a former CIA cybersecurity expert and author of…