Tweet
— Twitter API (@user) date
Seems as though it was just blind luck that a supervisor was remotely accessing the system & watched the hack live & was able to reverse it.Scary. Seems like something that could easily be missed if an employee was more lax
Seems ridiculous that it's even possible to raise it by that much too.Seems as though it was just blind luck that a supervisor was remotely accessing the system & watched the hack live & was able to reverse it.
There is so much noise we miss some of the big misses. Unfortunately I think we’ll be hearing about a lot more stuff like this in the future.I’m surprised we don’t hear more about stories like these.
Probably the former.reading that article, prime suspect is going to be a disgruntled employee or ex employee that didn't have their accesses revoked.
For some reason in the US it's becoming more and more frequent to want to go out with a big show when you lose your job or hate your workplace.
Next best guess would be some international actor "sending a message" but it would be pretty bold.
I think @WPMUFC may have nailed the culprit - an ex employee who still had his / her access or knew about access that hadn’t been taken offline.https://www.bbc.co.uk/news/world-us-canada-55989843
I thought critical infrastructure was disconnected from the main "internet grid"? (Sorry, I don't know the precise terminology).
https://www.bbc.co.uk/news/world-us-canada-55989843
I thought critical infrastructure was disconnected from the main "internet grid"? (Sorry, I don't know the precise terminology).
I think @WPMUFC may have nailed the culprit - an ex employee who still had his / her access or knew about access that hadn’t been taken offline.
Could easily be a remote network login, seriously doubt this is going to be pinned on a state actor. Some kind of employee almost 100% guarantee.The computer system at the water treatment plant was set up to allow authorized users to remotely access it for troubleshooting.
When I read this earlier today my initial thought was the IT company that services the town has been compromised. Has happened quite a bit recently. MSPs are a huge target for threat actors as infiltrating an MSP gives them direct scripted access to hundreds, possibly thousands of systems. However, those attacks are motivated by monetary gains.reading that article, prime suspect is going to be a disgruntled employee or ex employee that didn't have their accesses revoked.
For some reason in the US it's becoming more and more frequent to want to go out with a big show when you lose your job or hate your workplace.
Next best guess would be some international actor "sending a message" but it would be pretty bold.
Absolutely.Detective controls result in two things: near misses and losses/failures.
Some systems accesses need to be removed immediately when an authorized user leaves. Most organizations are terrible at this.
But, an ex-employee can easily be psychopathic or sociopathic. Or they simply are too ignorant to see the potential result of what they consider a simple act of industrial vandalism.I would understand a disgruntled employee to harm a company (even public), but with an action that could kill hundreds of people? that would not be disgruntling. That would be psychopathic. Also, I don't think that a person smart enough to pull that off (even if rudimentary) would not know the consequences and most likely that he would get caught. Hard to believe that is an ex-employee IMO
Or maybe a Q nutjob working there and taking back the country
whilst obviously possible to do, someone had to be added to the authorised list of remote accesses to do what was done. It wasn't simply a remote in from home thing, the receptionist isn't going to have network privileges to change chemical controls.I would understand a disgruntled employee to harm a company (even public), but with an action that could kill hundreds of people? that would not be disgruntling. That would be psychopathic. Also, I don't think that a person smart enough to pull that off (even if rudimentary) would not know the consequences and most likely that he would get caught. Hard to believe that is an ex-employee IMO
Or maybe a Q nutjob working there and taking back the country
EngadgetWhoever was behind the intrusion, they were able to use the computer because it was configured for remote access to assist with troubleshooting.
