Apparent cyberattack destroys pump at Ill. water utility
In separate incident, hacker claims access to SCADA system at Houston utility
Computerworld - A pump at a public water utility in Springfield, Ill., was recently destroyed after cyberattackers gained access to a SCADA system controlling the device, according to a security expert who said he obtained an official report about the incident.
A spokesman from the U.S. Department of Homeland Security (DHS) today confirmed the pump incident, but said it's too soon to say whether it was the result of a cyberattack.
"DHS and the FBI are gathering facts surrounding the report of a water pump failure in Springfield Illinois," Peter Boogaard, deputy press secretary at the DHS, said in an emailed statement. "At this time there is no credible corroborated data that indicates a risk to critical infrastructure entities or a threat to public safety."
Meanwhile, in a separate case, a hacker named "pr0f" earlier today posted several images on Pastebin purporting to show access to a "really insecure" Supervisory Control and Data Acquisition (SCADA) system at the city of South Houston.
The posting was prompted by what the hacker claimed was the DHS's attempts to downplay the Springfield incident. "This was stupid," pr0f wrote in a note on Pastebin. "I dislike, immensely, how the DHS tend to downplay how absolutely f**** the state of national infrastructure is," the hacker wrote.
The hacker claimed that no damage was done to any of the machinery. "I don't really like mindless vandalism. It's stupid and silly," pr0f wrote. "On the other hand, so is connecting interfaces to your SCADA machinery to the Internet." The hacker said the Houston hack required no skill "and could be reproduced by a two year old."
It was not possible to immediately verify any of pr0f's claims.
Joseph Weiss, managing partner at Applied Control Systems LLC and author of the book Protecting Industrial Control Systems from Electronic Threat said that the pump failure in Springfield occurred on Nov. 8.
The pump burned out after the SCADA system controlling it began to power off and on intermittently, said Weiss, citing the incident report he obtained titled "Public Water District Cyber Intrusion."
Employees had reported "minor" glitches with the remote access component of the compromised SCADA system for between two and three months prior to the pump failure, Weiss said. An investigation into the cause of the failure showed that the SCADA system had been improperly accessed by someone using a computer with an IP address based in Russia, he said.
The attackers are thought to have obtained the usernames and passwords to the system by first breaking into a computer belonging to the utility's SCADA software vendor. SCADA vendors often maintain a list of usernames and passwords for accessing systems at customer locations for support purposes. Anyone with those credentials can gain access to the customer system, which is what appears to have happened here.
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- Who's Spying on You? You're aware of the threats of malware to your business but what about the ever-changing ground rules? Cybercriminals today are launching attacks against...
- Pay-as-you-Grow Data Protection: IBM Tivoli's Full-featured Data Protection Suite for Small to Medium Businesses IBM Tivoli Storage Manager Suite for Unified Recovery gives small and medium businesses the opportunity to start out with only the individual solutions...
- Streamline Data Protection with IBM Tivoli Storage Manager Operations Center IBM Tivoli Storage Manager (TSM) has been an industry-standard data protection solution for two decades. But, where most competitors focus exclusively on Backup...
- Simplify and Consolidate Data Protection for Better Business Results Learn about IBM® Tivoli® Storage Manager Operations Center, which provides advanced visualization, built-in analytics and integrated workflow automation features that leapfrog traditional backup...
- Meg Whitman presents Unlocking IT with Big Data During this Web Event you will hear Meg Whitman, President and CEO, HP discuss HAVEn - the #1 Big Data platform, as well...
- The New Way to Work Knowledge Vault This Knowledge Vault focuses on how, in today's increasingly virtual world, it's more important than ever to engage deeply with employees, suppliers, partners,... All Cybercrime and Hacking White Papers | Webcasts