ST. LOUIS– A Florida water treatment facility fell victim to a hack attack last Friday and that has some wondering how easy is it to attack other critical infrastructure.
Officials say a plant operator at the water treatment facility noticed someone remotely accessing the computer system he monitors.
The computers are set up for allowing remote access to select people to troubleshoot problems, so the operator didn’t think much about the incident.
Scott Schaffer, Chief Information Security Office with Blade Technologies, questions why a system that was so critical had remote access enabled on that machine.
He says you need to be very careful what systems you allow to be accessed remotely. Schaffer says many of his clients use remote access but he reminds them it needs to be secured.
He says if a hacker gets access to your system you may not even know they were in there. He says in this case the operator saw someone moving the cursor and caught it.
Schaffer says critical infrastructures should consider having a system in place if remote access is needed. He suggests maybe someone has to call into the operator and remote access is granted for a specific amount of time.