July 13, 2023

Insider Threats Against Health and Public Safety – DOJ indictment:

Karlene Berger

Last week the Department of Justice announced indictment against an individual who damaged a computer system within the Water Treatment Facility in Discovery Bay, California, creating a threat against the public health and safety.  The individual worked for Company A “contracted with Discovery Bay to operate the town’s wastewater treatment facility.”

This case contains the hallmarks of an insider threat security incident:

  • Hired for a specific role: The individual’s responsibilities included “ ‘Instrumentation and Control Tech,’ with responsibility for maintaining the instrumentation and the computer systems used to control the electromechanical processes of the facility in Discovery Bay”
  • Had Access: While the individual was employed, he “installed software on his own personal computer and on Company A’s private internal network that allowed him to gain remote access to Discovery Bay’s Water Treatment facility computer network.
  • Resigned, then allegedly attempted to tamper with the water treatment system: He “allegedly accessed the facility’s computer system remotely and transmitted a command to uninstall software that was the main hub of the facility’s computer network and that protected the entire water treatment system, including water pressure, filtration, and chemical levels.”

More details on the case can be found in the court documents available for download here.

Security fundamentally is delivered through cooperation and teamwork.  That cooperation is maintained by processes, toolsets, oversight, and practice as a team.  For every insider threat incident that is made public information, there is 10x or more that aren’t, and each one represents monumental cooperation between security practitioners, investigators, and law enforcement.

If your organization seeks to instill good cooperation, Forcepoint brings 20+ years of experience in structuring insider threat programs to the table, including protecting the power grid with a Fortune 500 Renewable Energy company.  Let us know how we can help.

Karlene Berger

Karlene serves as Sr. Director, Product Marketing for Global Governments and Critical Infrastructure (G2CI). She has spent her career following her core passion:  Problem Solving as an Enabler to Innovation. Her experience includes roles in Mechanical Design and Software Product Design,...

Read more articles by Karlene Berger

About Forcepoint

Forcepoint is the leading user and data protection cybersecurity company, entrusted to safeguard organizations while driving digital transformation and growth. Our solutions adapt in real-time to how people interact with data, providing secure access while enabling employees to create value.