Hacked Florida water plant was still using Windows 7 | TechRadar

Investigators call attack on Oldsmar water supply system “unsophisticated”




More details have emerged about the recent cyberattack on a water treatment utility in the city of Oldsmar, Florida, with the facility involved apparently still using outdated Windows 7 PCs.

Reports quote investigators as saying that “the cyber actors likely accessed the system by exploiting cybersecurity weaknesses, including poor password security and an outdated Windows 7 operating system to compromise software used to remotely manage water treatment.”

The hack, which could have caused a major catastrophe had it not been for an alert supervisor, has once again put the spotlight on the threat to operational technology in civil infrastructure.

Poorly configured systems
Microsoft ended mainstream support for Windows 7 on January 13, 2015, though it continued to receive security updates. However, Windows 7 finally reached end-of-life over a year ago, on January 14, 2020, when Microsoft ceased to provide any updates for the operating system, urging users to switch to Windows 10.

Despite this, millions of users still haven’t updated from Windows 7. As it turns out, the Oldsmar county’s water treatment plant is one of them.

Dubbing the attack “relatively unsophisticated”, the investigators shared that the attacker likely used the TeamViewer remote desktop sharing software to make his way into the system.

Speaking to TechRadar Pro, Eddie Habibi, Founder of PAS, which provides software solutions to prevent exploitation of operational technology, agreed, adding that “while much of the coverage of the cyber risk to critical infrastructure to date has focused on the age of many industrial control systems and the fact that they were not designed and deployed with security in mind, in this case, the attack vector appears to have been the increased level of remote access enabled by the Florida county.”