This is why you should secure your endpoints, especially if you are operating a critical infrastructure. This seems to be one of those supervisory interface that is exposed over the internet. Thank goodness no real harm was done.
And this time, Gualtieri says, the hacker did more than just remote in. According to the sheriff, the hacker spent up to five minutes in the system and adjusted the amount of sodium hydroxide in the water from 100 parts per million to 11,100.
“This is obviously a significant and potentially dangerous increase. Sodium hydroxide, also known as lye, is the main ingredient in liquid drain cleaners,” Gualtieri added.
Source: ‘This is dangerous stuff’: Hacker increased chemical level at Oldsmar’s water system, sheriff says