Hacker tried to poison Florida water supply near Super Bowl, police say

Sodium hydroxide, also known as lye, is the main ingredient in liquid drain cleaners and is used to control water acidity and remove metals from drinking water at treatment plants.

Police say an attempt to contaminate a Florida city's water supply with sodium hydroxide has failed despite a hacker gaining remote access to the local water treatment plant's computer system. 

IRANIAN CYBER GROUPS CONTINUE TO MASQUERADE AS AMERICAN 'PATRIOT' ORGANIZATIONS THAT THREATEN US: OFFICIALS

Pinellas County Sheriff Bob Gualtieri said during a news conference on Monday that a plant worker at the city of Oldsmar's water treatment facility first noticed unusual activity with its computer system at 8 a.m. on Friday, when a hacker briefly access the system.  

At about 1:30 p.m., a hacker accessed the system again, taking control of the mouse and directING it to the software that controls water treatment. The hacker then briefly increased the amount of sodium hydroxide from 100 parts per million to 11,100 parts per million.

Sodium hydroxide, also known as lye, is the main ingredient in liquid drain cleaners. It also is used to control water acidity and remove metals from drinking water at treatment plants.

ORGANIZED SCAM GANGS RAKE IN $6.5 MILLION IN 2020, REPORT SAYS: 'GROWING RAPIDLY' IN US

After the hacker exited the system, a worker at the plant was able to intervene and reverse the change. 

"Because the operator noticed the increase and lowered it right away, at no time was there a significant adverse effect on the water being treated," Gualtieri said. "Importantly, the public was never in danger."

Gualtieri noted that even if the worker had not intervened right away, it would've taken between 24 and 36 hours to hit the water supply system and that there are other safeguards in place where the water would have been checked before it was released. 

FLORIDA MAN IN CRITICAL CONDITION AFTER EXCHANGING GUNFIRE WITH DEPUTIES

After making the fix, the worker notified a supervisor who disabled remote access to the system.

Police were notified of the incident late Friday afternoon, and the dapartment's digital forensics unit has been working to determine the cause for the breach and to identify the individual or individuals responsible. Gualtieri added that while the suspect remains unknown, police have leads that they are following.

It is currently unknown why the Oldsmar system was targeted and whether the breach originated from inside the United States or outside of the country. Gualtieri noted that police have "no knowledge of any other systems being unlawfully accessed."

Oldsmar is about 15 miles northwest of Tampa. The incident occurred on the same weekend as Super Bowl LV at Raymond Jay Stadium, where the Tampa Bay Buccaneers defeated the Kansas City Chiefs by 31-9. 

CLICK HERE TO GET THE FOX NEWS APP 

In addition to deactiving remote access, City Manager Al Braithwaite said the treatment plant would be making additional upgrades to the system to ensure the incident doesn't happen again. 

Police are asking that all government entities in the Tampa Bay area actively review their computer security protocols and make any necessary updates that are "consistent with the most up to date practices."

"This type of activity and this type of hacking of critical infrastructure is not necessarily limited to just water supply systems," Gualtieri warned. "It could be anything, it could be sewer systems, it can be a whole variety of things. It could really be problematic and this is where we want to make sure that we're paying close attention to all of it." 

The incident is under criminal investigation by the Pinella County Sheriff's office as well as federal partners at the FBI and the United States Secret Service. 

The Associated Press contributed to this report

Load more..