Rambler Gallo, a 53-year-old man from Tracy, California, has been charged for allegedly hacking into the systems of a water treatment facility with the intent to delete critical software.
Gallo, who had worked for a company contracted by the town of Discovery Bay, California, had installed software during his employment that granted him remote access to the facility’s systems from his personal computer.
After resigning in January 2021, Gallo used this remote access to transmit a command that uninstalled crucial software responsible for the water treatment system’s overall network protection.
Authorities in the Northern District of California have charged Gallo with “transmitting a program, information, code, and command to cause damage to a protected computer.”
Although the case revolves around unauthorized access rather than traditional hacking, the incident highlights the risks posed by insider threats to critical infrastructure. Gallo faces potential consequences of up to 10 years in prison and a $250,000 fine for his actions.
This incident is not an isolated event, as water facilities, including those targeted by former employees, have frequently faced threats. One notable example involves the water plant in Oldsmar, Florida, where an initial assumption of malicious hacking aiming to contaminate the water supply was later revealed to be potentially the result of human error.
Such incidents underscore the importance of implementing robust security measures to safeguard critical infrastructure, protecting against both external and internal threats.
