You’d think something as critical as a city’s or county drinking water supply would be well protected – you know, like how America’s nuclear armament was isolated from the Internet until recently and even relied on eight-inch floppy disks? And yet we have now had it two cases where someone could remotely log into a municipal water supply in a way that could have harmed people.
Do you remember the story of the Florida water treatment plant where someone could change the chemical levels? Something similar also happened in Ellsworth County, Kansas in March 2019, where 22-year-old Wyatt Travnichek is now accused of shutting down the region’s water treatment system “ with intent to harm it, ” said a statement from the Ministry of Justice
The wildest thing is that in both cases these municipalities were open to tampering – they installed the remote access software themselves so employees could log in to monitor the systems! That’s what Travnichek was hired to do in Kansas, and the authorities don’t even accuse him of ‘hacking’ the system in their indictmentHe just “logged in remotely” months after he left the job, started closing things and is now facing 20 years in prison.
That sounds remarkably like what happened in Florida, where the water treatment plant never bothered to change the password or even delete an old piece of remote control software after installing a newer one.
Maybe we should stop doing that. President Joe Biden is currently trying to implement a $ 2 trillion infrastructure plan, including billions to provide safe water and replace lead pipes, among other dangers. To keep the water safe, we also need to keep the water safe.
Cyberscope spoke to a customer service representative at the Kansas water company, who claimed the incident did not harm residents’ drinking water.