Iran could be behind last week’s hack of the water supply in a small Florida town, warned several intelligence and law enforcement officials who spoke to this reporter. The situation in the city of Oldsmar, Florida could have been far worse, according to Sheriff Bob Gualtieri of Pinellas County, who verified that the sodium hydroxide in the system was brought to extremely harmful and even deadly levels. The attack was conducted by a hacker remotely, he told reporters on Monday.
“It’s a bad act. It’s a bad actor. It’s not just a little chlorine, or a little fluoride — you’re basically talking about lye,” Gualtieri told reporters on Monday.
The small-town hack, however, may have come from the world’s largest sponsor of terrorism: Iran. What’s more, the regime was reportedly behind a similar attack on Israel’s water supply last year, per Fox News’ Trey Yingst. Its actions would certainly be an escalation in the regime’s rhetoric, which has threatened on multiple occasions to annihilate both the United States and Israel.
According to Dr. Rick Kiper, a retired FBI agent and computer forensic examiner, there are a number of ways the intelligence community can trace such hacks to foreign sources. It is accomplished through what are known as “Indicators of Compromise” (IOCs).
“The Indicators of Compromise are basically pieces of digital evidence that reveal the tactics that hackers use to get into systems. Hackers, like the rest of us, can be kind of set in their ways,” Kiper told this reporter. “So even hackers have patterns that they use over and over again because they don’t want to reinvent the wheel each time. If they have a tactic that’s worked before, they’ll use it again.”
Another sign could be the IP addresses hackers use, he added, noting that the FBI has a public list of IOCs for Iran on the voting systems. For example, the hackers can use a technique called SQL injection to access a backend database of a website. Hackers can then use this to download website databases.
Iran has employed both such tactics, according to Kiper. “That’s basically what investigators are going to be looking for in order to identify who committed this intrusion – what actually happened and how do those actions actually match up to the known indicators of compromise,” he explained.
Sometimes, however, a hacker may use an IP address or a tactic that is associated with a completely different country in order to hide his identity. “They could put on the persona of either another hacker group or another particular hacker because there are Indicators of Compromise for specific groups, there’s Indicators of Compromise for countries, as well as for state actors, and then individuals.”
Kiper added, “However, we always like to say we catch the dumb ones, and a lot of times they won’t go through that effort, especially if they’re trying to get into a bunch of systems.”
One example of compromise, Kiper said, can be accomplished via remote access to SCADA (supervisory control and data acquisition) systems, which remotely manage utility equipment such as valves, electrical grids, etc.
“So a lot of utilities use a SCADA system because they don’t have to send workers out to turn valves and make direct connections, or actually to go read meters…. but of course, when you create convenience like that, you’re opening yourself up to security vulnerabilities and that’s exactly what happened.”
He concluded, “Indicators of Compromise are collected and shared. So if someone is hacked, they’re really encouraged to share exactly how they were compromised. But a lot of companies, they have shareholders, or they have maybe the chief information security officer, maybe his job is on the line and he really doesn’t want to put it out there publicly that they were hacked, but it really helps the entire community when people share that information.”
Foundation for Defense of Democracies Iran expert Behnam Ben Taleblu told this reporter Wednesday that the recent hack exposes a greater national security loophole that needs to be addressed by both sides of the political aisle.
“The recent hack of Florida’s water supply raises the issue of securing U.S. critical infrastructure from cyber and other malicious hacking activity,” Ben Taleblu said. “Securing American critical infrastructure should be a multi-year bipartisan policy proposition. In this regard, the best defense really is defense.”
He continued, “While Iran has not officially been proven to be the culprit, the clerical regime did attack Israel’s water supply in 2020 using cyber means. In the past, it has also attempted to hack American banks, casinos, and critical water-related infrastructure like dams.”
“Iran sees the cyber domain as one of several vectors to continue carrying out its strategic competition with adversaries. Doing damage to their critical infrastructure through cyber means is one way to land punches and not get caught. For a regime like Iran’s which also uses terrorism, these moves are consistent with its national security strategy. And that’s why it, if proven to be linked to Iran – will require a response.”
According to Israeli reporter Amichai Stein, Israel has joined the investigation into the Florida water supply hack and the Israel National Security Cyber Directorate “is in touch” with U.S. counterparts.
Thanks to local authorities, the poisonous water never actually made its way into local homes. However, the source of the hack is still being investigated.
The Pinellas County Sheriff’s Office denied having any contact with Israeli officials over the hacking and suggested the FBI or U.S. Secret Service may have more information regarding the query, in a statement to this reporter.
The U.S. Secret Service and FBI both declined to comment.
Follow Jennie Taer on Twitter @JennieSTaer