I get irritated by this stuff. Some guy is gonna take the fll for this, like the operations manager at the plant or whatever, always has to be a head to roll to look like youre doing something. ops manager at the plant probably knows water nside and out, he can probably like a droplet and tell you it composition, he knows the plant down to the last bolt, knows how to keep things running, etc. Hes not a cyber expert. Some time in the past, some geek city IT tech probably needed to do some software maintenance on some old machine and walking his fat ass all the way from hi ir conditioned office to the water plant was just too much, so he talked to a city administrator about how there just has to be efficiency and remote access is the way to go. this script kiddie IT skank probably set up the bare minimum security to make his job easy to access this otherwise gapped system that has no real reason to be connected other than fat johnny from IT didn't want to drag his trollup ass out of his chair. Johnny has long since left his job to do coke with hookers at the strip club.
but this is the water plant operations managers fault, his head must roll. He must be replaced (along with his 25 years experience) with some college grad, who "knows computers", but doesnt actually know shit about water treatment. Of course he will get in and see that the systems are antiquated (ie hes too dumb to figure out how to operate the plant) so within the next year there will be a tax referendum to upgrade the plant so "this never happens again" in the mean time the water is cloudy and tastes like shit because the operations manager isnt there to taste the drops. we live in weird times where the first response to any issue is to disrupt leadership... also, everything is "hacking" On Tue, Feb 9, 2021 at 11:19 AM James Howard <[email protected]> wrote: > Scary to think how many of these types of systems there are out there that > nobody knows how to change the passwords so employees leave or are fired > and the new guy is just told what the password is. That’s bad enough when > it’s not connected and exposed to the internet. The other problem is all > the systems exposed to the internet with password as the password……. > > > > *From:* AF <[email protected]> *On Behalf Of * Steve Jones > *Sent:* Tuesday, February 9, 2021 10:35 AM > *To:* AnimalFarm Microwave Users Group <[email protected]> > *Subject:* Re: [AFMUG] Wow > > > > This sounds a whole lot more like an ex employee with a RAT than > "hackers". GUI driven access to a water systems control and setting a > specific value is not the work of "hackers" > > I used to work at a factory as a supervisor of the contract staff when i > was like 18, one of my roles was to record a message on the PBX every night > indicating who was working, who was laid off, etc. I went to jail and lost > that job. some time later i was bored so dialed into the system and tried > out the numbers i pressed in house to see if there was external access to > record the message. there was. The message happened to be changed to > "nobody has to fucking work" that night, or so I hear. half the staff didnt > show up. > > > > > > They were "hacked" too > > > > On Tue, Feb 9, 2021 at 9:58 AM Mike Hammett <[email protected]> wrote: > > TeamViewer even... > > > > ----- > Mike Hammett > Intelligent Computing Solutions <http://www.ics-il.com/> > <https://www.facebook.com/ICSIL> > <https://plus.google.com/+IntelligentComputingSolutionsDeKalb> > <https://www.linkedin.com/company/intelligent-computing-solutions> > <https://twitter.com/ICSIL> > Midwest Internet Exchange <http://www.midwest-ix.com/> > <https://www.facebook.com/mdwestix> > <https://www.linkedin.com/company/midwest-internet-exchange> > <https://twitter.com/mdwestix> > The Brothers WISP <http://www.thebrotherswisp.com/> > <https://www.facebook.com/thebrotherswisp> > > > <https://www.youtube.com/channel/UCXSdfxQv7SpoRQYNyLwntZg> > ------------------------------ > > *From: *"Cameron Crum" <[email protected]> > *To: *"AnimalFarm Microwave Users Group" <[email protected]> > *Sent: *Tuesday, February 9, 2021 9:55:12 AM > *Subject: *Re: [AFMUG] Wow > > 1. Why is the system exposed to the public internet at all? > > 2. Why would they have remote desktop on a machine that has access to > these systems? > > > > Like most municipal IT departments, they are probably staffed with guys > who couldn't get a better job in the private sector. Scary. > > > > On Tue, Feb 9, 2021 at 9:46 AM Bill Prince <[email protected]> wrote: > > In one of the reports I read, they described the mouse/cursor moving > around as if an invisible hand was moving it. Sounds to me as if they're > doing a remote desktop or something? > > > > bp > > <part15sbs{at}gmail{dot}com> > > On 2/9/2021 7:42 AM, Nate Burke wrote: > > It's like the hacks of every late 80s-early90's moving coming true. > > On 2/9/2021 8:45 AM, Jaime Solorza wrote: > > > https://www.cnn.com/2021/02/08/us/oldsmar-florida-hack-water-poison/index.html > > > > > > -- > AF mailing list > [email protected] > http://af.afmug.com/mailman/listinfo/af_af.afmug.com > > > -- > AF mailing list > [email protected] > http://af.afmug.com/mailman/listinfo/af_af.afmug.com > > > > -- > AF mailing list > [email protected] > http://af.afmug.com/mailman/listinfo/af_af.afmug.com > > ------------------------------ > > *Total Control Panel* > > Login <https://asp.reflexion.net/login?domain=litewire.net> > > To: [email protected] > <https://asp.reflexion.net/address-properties?aID=242260993&domain=litewire.net> > > From: [email protected] > > *You received this message because the domain afmug.com <http://afmug.com> > is on your allow list.* > > > -- > AF mailing list > [email protected] > http://af.afmug.com/mailman/listinfo/af_af.afmug.com >
-- AF mailing list [email protected] http://af.afmug.com/mailman/listinfo/af_af.afmug.com
