Cyberattack on the UK water company is
Cyberattack on the UK water company is "extremely concerning."
Share:

UK: A company providing water to more than 1.5 million people in the UK has revealed it was the target of a cyberattack, an incident that, according to security experts, exposed potentially dangerous vulnerabilities in the nation's critical infrastructure .

According to South Staffordshire plc this week, the incident was disrupting its corporate computer network, but it did not affect the company's ability to provide clean water.

After initially mistakenly identifying its target as Thames Water, a large water company that supplies London and the surrounding areas, a ransomware gang with ties to Russia known as Cl0p. took responsibility for the attack.

Cl0p claimed that it had stolen a large amount of data from the business and gained access to systems that control the amount of chemicals in the water, in a statement posted to a website that runs the dark web. The group said, "If you're shocked it's good.

According to the company's website, South Staffordshire plc is the parent company of South Staff Water and Cambridge Water, which together provide drinking water to more than 1.5 million people in areas close to Cambridge, West Midlands, South Staffordshire, South Derbyshire, North Warwickshire. makes available. , and North Worcestershire.

Hackers released screen shots that appeared to demonstrate their access to a water treatment facility, a control system for a CD mill

Although the breach was dangerous, cyber security experts cautioned that it was unclear how deep the hackers had penetrated the system and whether there were controls in place that could prevent unauthorized tampering with water supplies.

In a statement, South Staff Water credited "the prompt work of our teams" in addition to "robust systems and controls on water supply and quality" to maintain the safety of drinking water.

According to a UK government spokesman, "South Staffordshire plc is taking all necessary steps to investigate this incident, and following extensive engagement with South Staffordshire plc and the Drinking Water Inspectorate, we have been assured that there is no ongoing safe supply There will be no effect. Drinking water."

The incident was "extremely worrying," according to Chris Kubeka, a cybersecurity expert with experience working with industrial control systems, who reviewed the screen shots released by the hackers.

According to him, the ultraviolet settings, which are used to purify water and kill dangerous bacteria that can make people sick, seem to have been accessed by hackers.

"Attackers can do harm if they understand the sequence of adjusting the UV or the rinse/wash process," she said. The UV disinfectant process is very important.

According to Danielle Jablansky, cyber security strategist at Nozomi Networks, hackers may only have access to "remote viewer software". This software allowed users to view specific control systems without changing their settings. She said it was impossible to tell whether this was the case based on screenshots released by the hackers.

Water features have been targeted by hackers before. A hacker attempted to inject a chemical into Florida's water supply in February 2021, then gaining access to its water systems. An employee noticing the changes stopped the effort. In that event, the perpetrator has not been publicly exposed.

According to Jablansky, control systems at water treatment plants have layers of security that are sometimes disconnected from Internet networks, or "gaps in the air" to prevent unauthorized access and alterations.

Cl0p often uses malicious software to encrypt computer files before requesting payment to decrypt them.

The group claimed in its statement on Monday that it did not attack critical infrastructure or health organizations, so it did not encrypt the water company's computers.

However, the group claimed it attempted to extort cash in exchange for knowledge of how to "fix" the alleged security flaw and stole about five terabytes of data from the company's computers.

The British government is likely to respond strongly to an attack on the water feature, which is "a big deal", according to "The Grugg" by well-known security researcher.

If hackers are found in Russia, which has a reputation for refusing to cooperate with Western cybersecurity investigations, the country's law enforcement officials may not be able to catch them.

But he said it was possible for British intelligence services to conduct their own hacking operations and take Cl0p's cryptocurrency holdings.

British workers to face record pay cut against surging inflation

UK PM Race: Minister shifts allegiances from Rishi Sunak to Liz Truss

Rishi Sunak, Liz Truss clash over tax plans ahead of debate

Join NewsTrack Whatsapp group
Related News