How to secure critical systems for a hybrid workforce
In January 2021, Oldsmar, Florida, a small city in the shadow of Tampa Bay with fewer than 15,000 residents, became the target of a high-profile hacking operation. Threat actors accessed the city’s municipal water treatment facility and attempted to use their network access to increase the sodium hydroxide intake to lethal levels.
The municipal water facility relied on commercial grade remote access software that allows employees to share screens and troubleshoot IT. Threat actors compromised this software, which provided front-door access to the facility’s operational technology (OT) infrastructure.
This incident is emblematic of a frightening trend as critical infrastructure increasingly becomes a target for threat actors.
Notably, in October 2021, a disgruntled Australian IT consultant hacked into a municipality’s waste management system, subsequently dumping millions of liters of untreated wastewater into local parks, rivers, and businesses.
Troublingly, the threat isn’t limited just to water systems. The April 2021 ransomware attack on the Colonial Pipeline Co., the largest fuel pipeline in the U.S., cost the company millions of dollars to recover its digital assets, while brand erosion will have even more long-lasting repercussions. In addition, JBS Foods, the world’s largest meat supplier, was similarly victimized by a ransomware attack that crippled the company’s operations, impacting food prices and operational continuity in a critical sector.