Augusta, GA
At a press conference today, Special Agent Johnathan Quest
of the Federal Bureau of Inquiry (FBI) confirmed that the FBI was investigating
the accident last week at the Mayberry Chemical manufacturing facility in
nearby Mayberry, GA as a cyberattack on the facility.
That incident involved the release of sulfuric acid from a storage
tank that resulted in the injury of seven people including six elementary
school students that were working on a class environmental project in a stream
adjacent to the facility at the time of the release. Three of the students are
still in the hospital in critical condition as is one employee of Mayberry Chemical.
The FBI was brought into the investigation after a preliminary
investigation by the Chemical Safety Bureau (CSB) uncovered control system anomalies
that apparently precipitated the incident.
Vera Arbeiten, spokesperson for the CSB, reported that
sensor data during a reaction vessel filling operation had been doctored to
allow the vessel to be overfilled during cleaning operations which resulted in
a backflow of water and caustic soda into the sulfuric acid tank. The resulting
chemical reaction resulted in the pressurization of the tank and the subsequent
release of sulfuric acid fumes and droplets. Those droplets caused the worst
injuries to the affected personnel including chemical burns to the faces of three
of the students.
Andrew Gryfin, the President of Mayberry Chemical, explained
that the company was a specialty chemical manufacturing company and that it was
currently working on a project with university researchers for production of a
specialty phenolic resin to be used in a DOD study of a potential radar
adsorbing coating for aircraft.
Gryfin noted that the company has been suffering from a
number of minor process and quality issues since beginning work on the DOD
related project. A preliminary cybersecurity review by the ECS-CERT requested
by CSB has indicated that the earlier anomalies and the recent incident were related
to a previously unreported malware discovered on the control system computer
systems. Immanuel C. Securitage from ECS-CERT noted that company control logs
documented many of the malware actions that contributed to past incidents as
well as the current release incident.
Unfortunately, no one at the company had reviewed those
logs, according to Gryfin. The company has no on-site cybersecurity personnel
and the logs were set up by a contractor fulfilling a DOD cybersecurity
requirement.
Arbeiten noted that the company had put manual safeguards
into place to prevent such overfilling, cross-contamination incidents. This
incident would have been prevented if a manual valve on the sulfuric acid fill
line on the reaction vessel had been closed prior to the start of the process.
Closing this valve is part of the written instructions for this process, but
the valve was open when investigators arrived on site.
Gryfin noted that the facility had been short staffed lately
due to personnel cutbacks. The company had been experiencing some loss of
business due to the quality and production problems being experienced.
Quest reported that the FBI investigation was on going and
they were getting some technical assistance from units at the nearby military
base.
No comments:
Post a Comment