A federal grand jury indicts a former employee of a contractor who runs a sewage treatment plant in a town in California who may have remotely turned off a critical system, endangering public health and safety. bottom.
Rambler Galler, 53, of Tracy, Calif., had a full-time job at a company in Massachusetts that was commissioned to operate a water treatment plant by the town of Discovery Bay.
Galler has an “Instrumentation and Control Technology” role at the plant and is said to have worked there from July 2016 to December 2020.
But according to the indictment, Galler allegedly implanted software that allowed his personal computer to remotely access systems on the Discovery Bay water treatment plant’s computer network.
Specifically, after resigning in January 2021, Gallo remotely accessed the facility’s computer systems and “unlocked the software that protects the entire water treatment system, including water, which is the primary hub of the facility’s computer network.” I sent the command to install.” pressure, filtration, chemical level. “
The US Department of Justice press release offered no explanation for Gallo’s actions or any possible motives.
However, if this claim is true, the organization’s failure to adequately control who has access to sensitive systems has failed yet again. When staff or contractor members leave the organization or are assigned to another role within the company, it is important to revoke their rights to systems they no longer have access to.
My heart immediately flew back to June 2021. It was then reported that malicious hackers used the former employee’s TeamViewer account to gain remote access and break into a water treatment plant that serves the San Francisco Bay.
Disgruntled current or former employees often abuse their access privileges to cause just as much (or more) damage than traditional cybercriminals.
When it comes to critical infrastructure such as water treatment plants, it is especially important to implement appropriate access controls and regularly evaluate them.
In October 2021, officials warned that sewage systems were regularly targeted by ransomware groups seeking to disrupt operations and extort money. Perhaps what they need most is to worry about their dishonest ex-employees.
If found guilty, Gallo could face up to 10 years in prison and a fine of US$250,000.
Editor’s Note: The opinions expressed in this guest author article are those of the contributor only and do not necessarily reflect those of Tripwire.
