Turns out that Florida water treatment facility left the doors wide open for hackers
By now, you’ve probably heard the theoretically scary story of how hackers managed to infiate the computer systems at a water treatment plant in Oldsmar, Florida and remotely control the chemical levels — but it turns out that description gives the hackers far, far too much credit.
The reality? The water treatment plant itself left off-the-shelf remote control software on these critical computers — and apparently never, ever bothered to change the password.
An official cybersecurity advisory about the incident from the state of Massachusetts (via Ars Technica) explains that the SCADA control system was accessed via TeamViewer, the kind of remote desktop application an IT administrator might roll out to remotely troubleshoot…