A Tracy man, Rambler Gallo, aged 53, has been sentenced to six months of home confinement for orchestrating a cyber attack on the Discovery Bay Water Treatment Facility in 2021. The U.S. Attorney’s Office confirmed that the sentence was handed down on May 8. Gallo, who was a former full-time employee of a Massachusetts-based company contracted by Discovery Bay, pleaded guilty to a single felony count of transmitting a program, information, code, and command to cause damage to a protected computer.
Last June, a federal grand jury indicted Gallo for his actions. Prosecutors revealed that Gallo had installed software on both his personal computer and the company’s internal network, granting him remote access to the water treatment plant’s computer system. Approximately five weeks after resigning on November 25, 2020, Gallo accessed the plant’s computer system and sent a command to uninstall software that safeguarded critical aspects of the water treatment system, such as pressure, filtration, and chemical levels.
The cyber attack was discovered by other employees the day after it occurred when they realized that the protective software had been disabled. Prosecutors emphasized that Gallo’s actions were meticulously planned to cause maximum disruption and posed a potential threat to the health and safety of the community’s water supply.
U.S. District Court Judge Haywood S. Gilliam Jr. sentenced Gallo to six months of home confinement and three years of probation. Additionally, Gallo was ordered to forfeit his computer and pay $44,250 in restitution.
1 Response
1. Strengthen cybersecurity measures: This incident highlights the importance of implementing robust cybersecurity measures. Organizations should regularly update their systems, install security patches, and use strong passwords to minimize the risk of cyber attacks.
2. Conduct regular security audits: It is crucial for organizations to conduct regular security audits to identify vulnerabilities in their systems. This can help in proactively addressing any potential weaknesses and preventing cyber attacks.
3. Employee training and awareness: Organizations should invest in comprehensive cybersecurity training for their employees. Educating