
Master Thread Dance Your Cares Away/Fraggle/Law Abiding Citizens

Does anyone have a good article or explanation on the backstory of the Fulton County audit that was just canceled?

If I remember correctly, a vote group was given access to some ballots and found a lot of discrepancies. This was then put before the court, where the judge approved an audit of the county.

Do I have that right?

Anyone have a link explaining the discrepancies clearly?

I greatly appreciate any help I can get in spreading the word - thank you!
 
A Very Good Poster In Here Recently Mentioned Water

BTW If I Was a Bad-Guy or Black-Hat Poisoning Our Water Supply Would be Top of My List - Easy and Would Kill Millions Immediately and Aftermath of Having No Potable Water

To the 3 Letter Agencies I'm Not a Bad Guy or a Black Hat - You Are - I'm Speaking Hypothetically

Maybe to "Watch the Water"

https://us-cert.cisa.gov/ncas/alert...J7C0zkNcMu7ivy9ceCJCFPw_d7-srKjUyvAIS3O35GOkI

This Alert Came Out Yesterday

Pasting Because It Is IMPORTANT and You Might Skip the Link

Alert (AA21-287A)

Ongoing Cyber Threats to U.S. Water and Wastewater Systems

Original release date: October 14, 2021

Summary

Immediate Actions WWS Facilities Can Take Now to Protect Against Malicious Cyber Activity
• Do not click on suspicious links.
• If you use RDP, secure and monitor it.
• Use strong passwords.
• Use multi-factor authentication.

Note: This advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework, version 9. See the ATT&CK for Enterprise for all referenced threat actor tactics and techniques.


This joint advisory is the result of analytic efforts between the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Agency (CISA), the Environmental Protection Agency (EPA), and the National Security Agency (NSA) to highlight ongoing malicious cyber activity—by both known and unknown actors—targeting the information technology (IT) and operational technology (OT) networks, systems, and devices of U.S. Water and Wastewater Systems (WWS) Sector facilities. This activity—which includes attempts to compromise system integrity via unauthorized access—threatens the ability of WWS facilities to provide clean, potable water to, and effectively manage the wastewater of, their communities. Note: although cyber threats across critical infrastructure sectors are increasing, this advisory does not intend to indicate greater targeting of the WWS Sector versus others.

To secure WWS facilities—including Department of Defense (DoD) water treatment facilities in the United States and abroad—against the TTPs listed below, CISA, FBI, EPA, and NSA strongly urge organizations to implement the measures described in the Recommended Mitigations section of this advisory.


Threat Overview

Tactics, Techniques, and Procedures

WWS facilities may be vulnerable to the following common tactics, techniques, and procedures (TTPs) used by threat actors to compromise IT and OT networks, systems, and devices.
  • Spearphishing personnel to deliver malicious payloads, including ransomware [T1566].
    • Spearphishing is one of the most prevalent techniques used for initial access to IT networks. Personnel and their potential lack of cyber awareness are a vulnerability within an organization. Personnel may open malicious attachments or links to execute malicious payloads contained in emails from threat actors that have successfully bypassed email filtering controls.
    • When organizations integrate IT with OT systems, attackers can gain access—either purposefully or inadvertently—to OT assets after the IT network has been compromised through spearphishing and other techniques.
  • Exploitation of internet-connected services and applications that enable remote access to WWS networks [T1210].
    • For example, threat actors can exploit a Remote Desktop Protocol (RDP) that is insecurely connected to the internet to infect a network with ransomware. If the RDP is used for process control equipment, the attacker could also compromise WWS operations. Note: the increased use of remote operations due to the COVID-19 pandemic has likely increased the prevalence of weaknesses associated with remote access.
  • Exploitation of unsupported or outdated operating systems and software.
    • Threat actors likely seek to take advantage of perceived weaknesses among organizations that either do not have—or choose not to prioritize—resources for IT/OT infrastructure modernization. WWS facilities tend to allocate resources to physical infrastructure in need of replacement or repair (e.g., pipes) rather than IT/OT infrastructure.
    • The fact that WWS facilities are inconsistently resourced municipal systems—not all of which have the resources to employ consistently high cybersecurity standards—may contribute to the use of unsupported or outdated operating systems and software.
  • Exploitation of control system devices with vulnerable firmware versions.
    • WWS systems commonly use outdated control system devices or firmware versions, which expose WWS networks to publicly accessible and remotely executable vulnerabilities. Successful compromise of these devices may lead to loss of system control, denial of service, or loss of sensitive data [T0827].

WWS Sector Cyber Intrusions

Cyber intrusions targeting U.S. WWS facilities highlight vulnerabilities associated with the following threats:
  • Insider threats, from current or former employees who maintain improperly active credentials
  • Ransomware attacks

WWS Sector cyber intrusions from 2019 to early 2021 include:
  • In August 2021, malicious cyber actors used Ghost variant ransomware against a California-based WWS facility. The ransomware variant had been in the system for about a month and was discovered when three supervisory control and data acquisition (SCADA) servers displayed a ransomware message.
  • In July 2021, cyber actors used remote access to introduce ZuCaNo ransomware onto a Maine-based WWS facility’s wastewater SCADA computer. The treatment system was run manually until the SCADA computer was restored using local control and more frequent operator rounds.
  • In March 2021, cyber actors used an unknown ransomware variant against a Nevada-based WWS facility. The ransomware affected the victim’s SCADA system and backup systems. The SCADA system provides visibility and monitoring but is not a full industrial control system (ICS).
  • In September 2020, personnel at a New Jersey-based WWS facility discovered potential Makop ransomware had compromised files within their system.
  • In March 2019, a former employee at Kansas-based WWS facility unsuccessfully attempted to threaten drinking water safety by using his user credentials, which had not been revoked at the time of his resignation, to remotely access a facility computer.

Read Article for Suggested "Mitigations"
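
Added example, not part of the post above or of the CISA advisory: the March 2019 Kansas intrusion in the pasted alert involved credentials left active after a resignation, and this Python check shows one way a facility could scan remote-access logs for logons by offboarded accounts. The log format, account names, dates and addresses are constructed for illustration.

```python
from datetime import datetime, timezone

# Constructed sample data (not from the advisory): HR exit dates and
# remote-access log lines in a hypothetical "timestamp user source result" format.
OFFBOARDED = {"jdoe": "2019-01-15", "asmith": "2021-06-30"}

LOG_LINES = """\
2019-01-10T08:02:11Z jdoe 10.0.4.21 SUCCESS
2019-03-27T23:41:05Z jdoe 203.0.113.50 SUCCESS
2019-03-27T23:44:18Z JDoe 203.0.113.50 FAILURE
2021-07-02T02:13:40Z asmith 198.51.100.7 SUCCESS
2021-07-02T09:00:00Z operator1 10.0.4.30 SUCCESS
malformed line without enough fields
"""


def _utc(text, fmt):
    return datetime.strptime(text, fmt).replace(tzinfo=timezone.utc)


def stale_credential_logons(log_text, offboarded):
    """Return remote-access events that used an account after its exit date.

    Failed attempts are reported too: they show someone still trying a
    credential that should no longer exist.
    """
    cutoffs = {u.lower(): _utc(d, "%Y-%m-%d") for u, d in offboarded.items()}
    findings = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue  # skip lines that do not match the expected format
        ts_text, user, source, result = parts
        try:
            ts = _utc(ts_text, "%Y-%m-%dT%H:%M:%SZ")
        except ValueError:
            continue  # unparseable timestamp
        cutoff = cutoffs.get(user.lower())  # account names compared case-insensitively
        if cutoff is not None and ts >= cutoff:
            findings.append({
                "time": ts, "user": user.lower(), "source": source,
                "success": result == "SUCCESS",
                "days_after_exit": (ts - cutoff).days,
            })
    return findings


if __name__ == "__main__":
    for f in stale_credential_logons(LOG_LINES, OFFBOARDED):
        status = "LOGON" if f["success"] else "attempt"
        print(f'{f["time"]:%Y-%m-%d %H:%M} {f["user"]} from {f["source"]}: '
              f'{status} {f["days_after_exit"]} days after exit')
```
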

I design control systems for water plants. It would be very difficult to cause mass outages that could not be recovered from in a fairly short period of time. Most water plants are simple enough they can be operated manually. Even most of the complicated ones could be operated manually if they have a good operator, which not all of them do. A lot of plants and municipalities have interconnects for redundancy or other permitting reasons, so there would have to be a coordinated attack across many systems and municipalities for there to be a water shortage. Even then it’s hard for me to think of a way that remote access to SCADA would permanently damage equipment. Most of the equipment has local/hardwired controls to prevent damage to equipment no matter what the control system tells it to do.

As far as poisoning goes, you could not kill a lot of people with the chemical systems in most water plants. The dosing systems just don’t have the capacity to make water that poisonous. At most people would take a sip and realize something was off and not drink any more.

I’d be more worried about the power grid. A big electric utility has a much wider reach than any water system.