After Oldsmar attack, Nikki Fried calls for Florida cybersecurity update

Agriculture Commissioner Nikki Fried is calling on Gov. Ron DeSantis for an update on Florida’s cybersecurity preparedness in the wake of the Oldsmar water system attack.

In a letter Friday, Fried asked DeSantis for the Florida Cabinet to discuss Florida’s ability to address similar incidents at its next meeting, which is scheduled for March 9, “given the clear and present danger these cyberattacks pose.”

“Cities, counties, states, and public utilities are increasingly vulnerable to cyberattacks becoming more complex,” she said.

Earlier this month, an unknown attacker managed to increase the amount of lye used to treat water at an Oldsmar facility, but an employee noticed the attack while it was happening and reversed it. Experts said this highlights a longstanding issue of cybersecurity for the state’s critical infrastructure, which is often retrofitted for internet connectivity and security.

Systems controlled by municipalities and smaller agencies in particular are often vulnerable because they may not have the same funds or resources larger organizations do to implement strong security.

Following the attack, federal officials issued an advisory about the threat that cited an incident that matched the description of what happened in Oldsmar, saying the attacker may have taken advantage of “poor password security,” an outdated operating system or the remote access software TeamViewer.

While it didn’t specifically say Oldsmar was using Windows 7 for its operating system, the advisory went into detail about the security threats that version of software faces because it is no longer supported by Microsoft.

It recommended other agencies take a number of steps to secure their systems.

Florida government entities have faced several public security incidents in recent years. Riviera Beach paid $600,000 in 2019 following a ransomware attack, where an attacker encrypted the city’s data and required a fee to unlock it, and Lake City paid $460,000 in a similar incident later that year.

Agricultural commissioner Fried also sent letters to the Florida Association of Counties and the Florida League of Cities urging their members to examine their preparedness for similar attacks.