London Daily

Focus on the big picture.
Wednesday, Jul 01, 2026

Cybercriminals are selling access to water treatment plants like the one hacked in Florida — here's why experts think the problem could get worse

Cybercriminals are selling access to water treatment plants like the one hacked in Florida — here's why experts think the problem could get worse

Experts expect that "we'll see more news of attack scenarios and how those attacks can be monetized" because of ongoing security vulnerabilities.
Cybercriminals in underground forums have offered to sell access to hacked systems that control US power plants and water treatment systems, according to a new report from the threat intelligence firm Intel 471. Hackers likely took advantage of common security vulnerabilities in these systems, experts say — and they fear that such attacks could become more common as bad actors find ways to monetize the hacks.

The systems that cybercriminals offered access to bore a striking resemblance to the Oldsmar, Florida water treatment plant that was compromised by a hacker last week. Law enforcement officials said an unknown intruder gained access to software used by plant managers to remotely control its systems and attempted to raise the amount of sodium hydroxide — also known as lye — in the drinking water to dangerous levels.

Intel 471 researchers were careful to note that they don't have hard evidence proving that the cybercriminals offering access to hacked industrial systems are the same ones who hacked the Oldsmar plant. But their findings illustrate broader cyber vulnerabilities in US systems that control infrastructure. For years, experts have sounded alarm bells about potential issues with these so-called Supervisory Control and Data Acquisition systems (or SCADA systems), which monitor and control machines in the field.

"Attacks on SCADA systems are not new," an Intel 471 spokesperson said in response to emailed questions from Insider following the report. "It is often easy for non-sophisticated threat actors to identify internet-facing SCADA systems and gain access with very little effort."

In one instance logged by Intel 471, a cybercriminal in a Telegram channel popular with hackers offered in May 2020 to sell access to a "Groundwater Recovery & Treatment System" located in Florida. The hacker claimed to have broken into software used by administrators to remotely control the system, and included a screenshot that showed levels of sodium hydroxide in the water.

The person who posted the screenshots in the Telegram channel was likely an Iranian actor, Intel 471 researchers said. The Telegram channel in question was also tied to a 2020 hack of an Israeli water reservoir. There's no evidence to suggest that this person was motivated by anything other than monetary gain and notoriety, the spokesperson said.

The researchers' findings illustrate broader weaknesses in the cyber defenses of US critical infrastructure. Many industrial control systems can be easily located using online directories like Shodan, which logs internet-connected devices. From there, experts say even low-level hackers can scour out stolen or default login credentials to try to break into the software that controls the systems.

"SCADA systems are notorious for using weak default admin credentials, non-standard ports, and other technical identifiers," the spokesperson told Insider.

Too much critical infrastructure is connected to the public internet with lax security protections, in part because of egregiously low cybersecurity budgets.

Industrial systems are a growing target for profit-driven hackers across the board. In the past year, researchers have tracked cybercriminals probing computers connected to critical infrastructure and reselling access to those computers to more sophisticated hacking groups, according to the security firm Kaspersky.

"We believe the malicious actors have had, for quite a while, access to not only industrial organizations but also lots of information on their technological processes," Evgeny Goncharov, Kaspersky's head of Industrial Control Systems Cyber Emergency Response Team, said in a webinar Thursday. "Probably in the near future we'll see more news of attack scenarios and how those attacks can be monetized."

The FBI published a joint advisory with the Cybersecurity and Infrastructure Security Agency on Thursday advising critical infrastructure agencies to install the latest version of Windows and urging them to be on the lookout for suspicious logins to their remote access software.
Newsletter

Related Articles

0:00
0:00
Close
Global Billionaire Numbers Rise 13 Percent Amid Artificial Intelligence Stock Boom
Body of Fifteen-Year-Old Boy Recovered from Manchester Reservoir
Major Rail Disruption in UK After Cows Stray Onto Intercity Tracks
UK Launches National Campaign to Reduce Water Consumption After Heatwave
Foreign Secretary David Lammy Raises Case of UK Woman Death with US Authorities
Shetland Islands Council Approves Subsea Tunnel Plans Linking Major Islands
Telegraph Media Group Takeover by German-Led Consortium Completed
Resident Doctors in England Accept Government Pay and Conditions Deal
Andy Burnham Sets Out Ten-Year Economic Vision Amid Labour Leadership Debate
Asylum Seekers in UK Face £10,000 Contribution Requirement Under New Law
UK Government Moves to Break Apple and Google App Store Dominance
New UK Steel Tariffs and Import Quotas Aim to Shield Domestic Industry
Damning Report Exposes Failures in Maternity and Neonatal Care Across England
Government Data Reveals Five Billion Pound Shortfall in UK Defence Budget
Prime Minister Keir Starmer Unveils Three Hundred Billion Pound Defence Investment Plan
UK Crime and Policing Act 2026 Comes into Force with New Justice System Reforms
UK Prime Minister Hosts NATO Secretary General Mark Rutte for Security Talks at Downing Street
UK Tightens Oversight of Emissions Trading Scheme Through New Ministerial Directions
UK Issues Statement at UN Security Council on Violence in the West Bank
UK Environment Agency Clears Illegal Waste Site in West Yorkshire After Court Action
UK Resident Sentenced for Fraudulently Claiming £30,000 in Covid Business Loans
UK Launches Taskforce to Help Young People Claim Dormant Child Trust Fund Savings
UK Gambling Commission Fines Betfred Operator Petfre Gibraltar £900,000 Over Social Responsibility Failures
UK Appoints Lord Collins as Global Envoy for LGBT+ Rights
UK Expands Detention Capacity to Support Removal of Foreign Criminals and Failed Asylum Seekers
UK Resident Doctors End Strike Action After Accepting Government Pay Deal
UK Tightens Sentencing for Domestic Killings with 25-Year Starting Point for Murder of Partners
UK to Build at Least Six New Royal Navy Warships Under Expanded Defence Programme
UK Government Unveils £5 Billion Defence Investment Plan Focused on Drones and Autonomous Warfare Systems
UK Economy Records 0.6% First Quarter Growth as Services and Manufacturing Drive Steady Expansion
Welsh Government Unveils New Agricultural Support Plan Focused on Sustainability and Rural Growth
UK Teacher Recruitment Shortfalls Continue in Science and STEM Subjects
Police Scotland Expands Cybercrime Investigations Amid Rising Digital Fraud
UK Universities Warn of Risk to International Student Numbers Amid Visa Changes
UK Defence Ministry Pivots Toward Greater Domestic Military Procurement
UK Launches National Rail Review After Repeated Service Disruptions
Northern Ireland Assembly Debates Long-Term Funding Settlement for Public Services
UK Accelerates Approval of North Sea Offshore Wind Projects to Expand Energy Capacity
UK Retail Sales Fall as Households Cut Discretionary Spending in June
UK Expands Border Intelligence Cooperation with France and Belgium to Target Smuggling Networks
Scottish Government Faces Pressure Over Delays in Major Infrastructure and Transport Projects
UK Launches Multi-Billion-Pound Artificial Intelligence Infrastructure Investment Fund
National Health Service Warns of Continued Emergency Department Strain Across England
Bank of England Signals Interest Rate Hold as Wage Growth Keeps Inflation Elevated
UK Sets Emergency Fiscal Strategy as Inflation Pressures and Weak Manufacturing Growth Persist
UK Launches New Measures to Improve Safety Standards in Night-Time Venues
UK Tightens Import Rules for Low-Value Parcels to Support Domestic Retailers
UK Launches £85 Million Obesity Care Programme Targeting Early Intervention Projects
UK Commits Up to $26 Million to Ebola Response in Democratic Republic of Congo
Security Industry Authority Flags Safety Failures in Night-Time Economy Inspections
×