Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Small Kansas Water Utility System Hacking Highlights Risks

A former Kansas utility worker has been charged with remotely tampering with a public water system’s cleaning procedures, highlighting the difficulty smaller utilities face in protecting against hackers.

A former Kansas utility worker has been charged with remotely tampering with a public water system’s cleaning procedures, highlighting the difficulty smaller utilities face in protecting against hackers.

Wyatt Travnichek, 22, was charged last month with remotely accessing the Post Rock Rural Water District’s systems in March 2019, about two months after he quit his job with the utility. He’s accused of shutting down the facility’s cleaning and disinfecting procedures.

When he worked for the utility, he would monitor the water plant remotely by logging into its computer system, the Kansas City Star reports.

The federal indictment says Travnichek used a Samsung phone to commit the offense. Post Rock utility officials declined to provide further details. Travnichek’s attorney, a federal public defender, didn’t respond to the Star’s request for comment.

No centralized database of hacker attacks on utilities exists, but a 2016 report from the federal Department of Energy said the Department of Homeland Security responded to 25 water cybersecurity incidents in 2015.

The Florida city of Oldsmar, population 15,000, reported in February that a hacker attempted to poison its water supply by remotely accessing its system and changing chemical levels. An employee was able to quickly reverse the hacker’s actions.

Small utilities such as Post Rock may not have the resources to hire dedicated information technology staff. Commonly their employees juggle multiple roles, including cybersecurity.

“As far as cities having an IT person, I just don’t know of any our size,” said Bill Shroyer, assistant city administrator in Sabetha, in northern Kansas, and president of the Kansas Rural Water Association. “And if we did have an IT person, they better know how to repair pot holes, fix water leaks, pick up snow and everything else that we do.”

Advertisement. Scroll to continue reading.

Security experts say the Post Rock case could be as simple as officials failing to revoke Travnichek’s electronic access after he quit. The indictment doesn’t specify how he accessed the system.

“If this is indeed a case with an insider, of course an insider could possess the methods to use that remote access if you don’t have good policies,” said Marty Edwards, an expert on critical infrastructure at the cybersecurity firm Tenable. “When the individual is terminated, for example, from a job, you want to make sure you remove their credentialed access from these systems.”

Related: U.S. Gov Warning on Water Supply Hack: Get Rid of Windows 7

Related: Hack Exposes Vulnerability of Cash-Strapped US Water Plants

Related: Industry Reactions to U.S. Water Plant Hack: Feedback Friday

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Cybercrime

As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.

CISO Strategy

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...

Cybercrime

Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.

CISO Conversations

Joanna Burkey, CISO at HP, and Kevin Cross, CISO at Dell, discuss how the role of a CISO is different for a multinational corporation...