0:06
hi everyone Sean mman with secure cyber
0:08
and we have breaking news for Monday
0:12
2024 the FBI and Homeland Security have
0:15
announced today that as of yesterday a
0:17
Water Treatment Facility in Arkansas
0:19
City had been compromised by a Cyber
0:21
attack the plant is currently operating
0:24
in manual mode and the city has advised
0:27
that currently they are not seeing that
0:29
any of the uh there's no danger to the
0:31
water system in Arkansas City so let's
0:35
break this down just a little bit how
0:36
does a water treatment facility get
0:38
compromised in a Cyber attack let's talk
0:40
through various examples Number One
0:43
external access is not properly
0:45
regulated so what that means is the city
0:49
or the water treatment facility itself
0:52
could possibly have some software out
0:55
there that's that's on the network that
0:57
is improperly exposing the water
0:59
treatment plant to the internet itself
1:02
uh we saw this in the old Florida case
1:05
where uh something like team viewer was
1:07
used to access the plant remotely this
1:10
could possibly be what's happened there
1:12
number two improper segmentation what
1:15
that means is possibly the city's
1:18
Network and the water treatment plant
1:20
could have possibly had some bleed over
1:22
where City resources could get to the
1:25
water treatment facility itself what we
1:27
typically see is that there's a firewall
1:29
in a big break between the city water
1:33
treatment facility and the city Network
1:35
itself and then we also see a firewall
1:37
that it's needed to go between the water
1:40
treatment facility itself and the
1:42
control system the third thing is they
1:46
didn't have proper endpoint protection
1:48
on the HMI system itself the HMI system
1:52
and we'll probably have a Graphic up is
1:54
the actual graphic interface that if an
1:57
attacker was able to get access to that
2:00
could make changes to the water system
2:01
they could change pump levels they could
2:03
change pressure they could empty water
2:05
towers um all those types of things so
2:08
that is the worst case scenario uh than
2:10
an attacker would get access to that so
2:13
the fact that we see the plant in manual
2:15
operation what does that mean that just
2:17
means that they probably wanted to as a
2:19
precaution take a lot of the control
2:21
systems offline so that they could do an
2:23
investigation to make sure that those
2:25
systems weren't compromised so we'll
2:28
we'll keep following this for you please
2:29
like And subscribe the channel uh as we
2:32
get updates we will put those out but
2:34
for right now this is breaking news a
2:36
Water Treatment Facility in Arkansas
2:39
city has been compromised stay tuned
