A man has been charged with intentionally trying to sabotage the IT infrastructure that runs a water treatment plant in a California town.
Rambler Gallo, 53, of Tracy, Calif., worked for a Massachusetts company that operates water stations in Discovery Bay, about 90 miles from San Francisco.
He worked as an Instrumentation and Controls Technician for the company from 2016 to 2020, responsible for the computer systems used for process control in a factory serving approximately 15,000 residents.
Read more about OT threats: Researchers reveal 56 OT bugs in ‘Icefall’ report
However, according to the Department of Justice (DOJ), when he retired in January 2021, Gallo had remote access to the facility’s computer systems via software he had installed on his PC while working for his former employer. .
He then sent commands to uninstall critical software used to manage the water plant’s computer network. The Justice Department claimed that the software protects the entire water treatment system, including pressure, filtration and chemical levels.
It’s entirely possible that he held a grudge against his former employer, but it’s unclear why he did so, or what the consequences of his actions were.
However, Gallo is now charged with transmitting programs, information, code and commands that damage protected computers. If convicted, he faces up to 10 years in prison and a $250,000 fine.
This incident followed a similar incident in 2016 when threat actor hackers used outdated operational technology (OT) systems and inadequate internal security to gain access to 2.5 million financial records and attempt to alter water supply. reminds me of
A recent incident in Oldsmar, Fla., in 2021 was initially reported as another remote attack by someone who attempted to increase the amount of sodium hydroxide (lye) in the water by almost 100 times. However, it was later discovered that this was simply an employee error.
