In 2021, we do a lot of things online: work, watch movies, chat with friends, pay bills, shop, see doctors, file our taxes and more. Bad people do things online, too: They steal credit card numbers, target minors and harrass the innocent. It's only getting more dangerous out there.
You applaud the good, you mitigate the bad. While technology may soon allow doctors to perform life-saving surgery from great distances, someone recently used the Internet to try to poison a town's water supply. NPR reports:
"It started with a cursor moving on its own, sliding across a computer screen at the water treatment plant in Oldsmar, Fla. Someone had taken remote control of a plant operator's machine, and in just a few minutes, they increased the level of sodium hydroxide in the city's drinking water by a factor of 100. After spiking the caustic substance to unsafe levels, the hacker immediately left the system."
Sodium hydroxide is also called lye. Too much of it in the water could have really hurt people. Oldsmar has almost 15,000 residents. That's a lot of folks who could have been poisoned with unsafe drinking water.
The good news is safety and monitoring protocols at the water treatment plant worked as intended. Someone realized there was a problem and stepped in to address it before things got out of hand.
But even if the worst was avoided, the fact that this happened, and nobody has yet been arrested for the crime, highlights the seriousness of digital security.
Most understand the threat of someone breaking into their home with a weapon and hurting them. That's why people lock their doors and invest in security systems. But the same threat exists in the digital world. It's not all Amazon purchases and Netflix.
As more systems integrate online connections, we need to take a good hard look at proper investment in digital security. Do you know how many publicly owned wastewater treatment systems dot the American land? The Cybersecurity and Infrastructure Security Agency says there are more than 16,000.
If hackers start randomly targeting those facilities, are you confident safety measures in every single one would prevent a disaster? How many wastewater treatment systems across rural America have the tools to defend their systems from online saboteurs? Now would be a great time to start checking, but yesterday would have been better.
While the FBI works to hunt down the person responsible for what almost happened in Oldsmar, how many copycats are getting their own ideas?
Cyber security is just as much a threat as physical security in the digital age. In fact, cyber threats can turn into physical threats. See Oldsmar, Fla. Cities, counties, states and folks on up the ladder need to realize our infrastructure has real vulnerabilities that need to be addressed.
The person responsible for this latest hack didn't employ some crazy HAL sidekick like you'd see in a Hollywood movie. The facility already had remote access set up on its computers.
It's not new technology, and there's plenty of legitimate uses for it today, especially when more of us are working from home during the pandemic.
All the hacker did was take control of an already available tool that gave access to introduce more lye into the water supply.
That's the kind of thing our infrastructure needs to be ready for. If failsafes don't catch something like this in the future, and a water treatment facility is compromised, it could dwarf Flint's water crisis.
These days, like all days, our motto should be: ever vigilant!