A 22-year-old Kansas man may face the next quarter century behind bars after allegedly hacking computer systems to affect tap water.
A press release from the Department of Justice reveals that Wyatt A. Travnichek, 22, of Ellsworth County, Kansas is charged with one count of tampering with a public water system and one count of reckless damage to a protected computer during unauthorized access. The two charges could carry a combined 25 year sentence.
The indictment alleges that, around the end of March of 2019, Travnichek accessed the Ellsworth County Rural Water District’s protected computer system without authorization, seeking to tamper with the sanitization process of the local water supply.
“During this unauthorized access, it is alleged Travnichek performed activities that shut down the processes at the facility which affect the facilities cleaning and disinfecting procedures with the intention of harming the Ellsworth Rural Water District No. 1, also known as Post Rock Rural Water District,” according to the DoJ.
“By illegally tampering with a public drinking water system, the defendant threatened the safety and health of an entire community,” said Lance Ehrig, Special Agent in Charge of EPA’s Criminal Investigation Division in Kansas. “EPA and its law enforcement partners are committed to upholding the laws designed to protect our drinking water systems from harm or threat of harm. Today’s indictment sends a clear message that individuals who intentionally violate these laws will be vigorously prosecuted.”
“Our office is committed to maintaining and improving its partnership with the state of Kansas in the administration and implementation of the Safe Drinking Water Act of 1974,” said Acting US Attorney Duston Slinkard. “Drinking water that is considered safe is essential to the protection of the public’s health.”
Besides the potential 25-year sentence, the combined charges carry a financial penalty as well:
Tampering with a Public Water System: Up to 20 years in federal prison and a fine up to $250,000.
Reckless Damage to a Protected Computer During Unauthorized Access: Up to 5 years in federal prison and a fine up to $250,000.
Considering these charges, it’s hard to fathom what kind of prison time ransomware actors should face for hacking critical infrastructures like healthcare facilities.