TAMPA, Fla. (WFLA) — The search continued Tuesday for the hacker or hackers who deputies say tried to poison Oldsmar’s water system. The scare in the city has sparked new concerns that the pandemic is increasing the risk of cyberattacks on our critical infrastructure.
It is day five of the investigation in Oldsmar. The Pinellas County Sheriff’s Office says it has not identified any other similar incidents in the county, as of now. The case remains open and active.
The White House is also responding after the unidentified hacker tried to poison the water supply in Oldsmar, a city of fewer than 15,000 residents.
“The FBI and Secret Service are undergoing an investigation,” White House Press Secretary Jen Psaki said Tuesday.
The Pinellas County Sheriff says the system was remotely accessed on Friday to dramatically increase the levels of lye, the main ingredient in drain cleaner. While law enforcement officials stress the public was never at risk, the incident has revealed a vulnerability in critical infrastructures nationwide.
Cybersecurity experts aren’t just worried about the water but also nuclear plants, electrical power grids, sewer systems and more.
“I will say, broadly speaking, that the president, the vice president and members of our national security team are focused on elevating cybersecurity as a threat that has only increased over the past several years,” Psaki said.
Dr. Eric Cole has worked in cybersecurity for more than 30 years. He’s a former professional CIA hacker and chief scientist for Lockheed Martin.
“While there were exposures before COVID, COVID greatly increased the threat and exposure,” said Dr. Cole.
He says the pandemic is increasing exposure because more employees are working from home.
“Organizations overnight had to survive,” said Dr. Cole. “Many of these systems that were not directly accessible from the internet are now being directly accessible to make it easier for people to work remotely.”
Take Tampa Bay Water, for example. They supply water to more than 2.5 million people in the Bay area. In a statement, a spokesperson says, “During the pandemic, we temporarily provided remote access to a very select few employees; access requires multiple layers of authentication.”
Right now, the mayor of Oldsmar says the city is re-evaluating its policy on the continued need for remote access.
Bay area water supply agencies say there are multiple safeguards in place to protect the public. But cyber experts believe every local utility should be double-checking their network security to make sure they haven’t left the door open for hackers.
If you have a tip related to this topic, email investigator Mahsa Saeidi at MSaeidi@WFLA.com