Fired Employee Hacks and Shuts Down Smart Water Readers in Five US Cities

26Jun - by Pax_tan - 0 - In News

A Pennsylvania judge has sentenced Adam Flanagan, 42, of Bala Cynwyd, PA to one year and one day in prison for hacking and damaging the IT networks of several water utility providers across the US East Coast. The sentence was passed down last week for crimes committed in the spring of 2014.

CryptoMix Ransomware Using the Wallet Extension A new CryptoMix, or CryptFile2, variant was released that is now using the .ID.WALLET extension for encrypted files. This is very annoying as it makes it more difficult for victims to easily identify what ransomware they are infected with when they perform web searches. This is b...

According to court documents obtained by Bleeping Computer, Flanagan worked between November 2007 and November 2013 for an unnamed company that produced smart water, electric, and gas readers.

Flanagan's role with the company was as an engineer tasked with setting up Tower Gateway Basestations (TGB) for the manufacturer's customers, which were mainly water utility networks. In modern water grids, TGBs collect data from smart meters installed at people's homes and relay the information to the water provider's main systems, where it is logged, monitored for incidents, and processed for billing.

Flanagan disabled water reader base stations

Things turned sour when Flanagan's employer fired him on November 16, 2013, for undisclosed reasons. This didn't sit well with Flanagan, who used his knowledge of the TGB stations he installed to access these devices and disable their ability to communicate with their respective water utility providers' upstream equipment.

According to court documents, the FBI tracked down Flanagan's actions to six incidents in five cities across the US East Coast: Aliquippa (Pennsylvania), Egg Harbor (New Jersey), Kennebec (Maine), New Kensington (Pennsylvania), and Spotswood (New Jersey).

Flanagan's attacks resulted in water utility providers not being able to collect user equipment readings remotely. This incurred damage to the utility providers, who had to send out employees at customer premises to collect monthly readings.

South Korean Web Hosting Provider Pays $1 Million in Ransomware Demand Nayana, a web hosting provider based in South Korea, announced it is in the process of paying a three-tier ransom demand of nearly $1 million worth of Bitcoin, following a ransomware infection that encrypted data on customer' servers.The ransomware infection appears has taken...

Flanagan faced up to 90 years in prison, $3 million fine

After tracing the attacks back to Flanagan, US authorities filed charges on November 22, 2016, and arrested the suspect and seized his computer a day later.

At the time of his arrest, Flanagan faced a maximum sentence of 90 years in prison, plus a $3 million fine. He pleaded guilty on March 7, 2017, before receiving his sentence on June 14, 2017.

Flanagan is not the first employee to sabotage his employer, nor will he be the last. Similar cases include incidents like:

Leave a Reply

Your email address will not be published. Required fields are marked *