# Foreign hackers targeted U.S. water plant



## cupper (18 Nov 2011)

Looking deeper into the article, it's rather inconclusive as to whet happened.

But it it really was a cyber attack, does not bode well for the future.

Also makes some interesting points about plant operators not being able to recognize or address an attack when it is progress.

http://www.washingtonpost.com/blogs/checkpoint-washington/post/foreign-hackers-broke-into-illinois-water-plant-control-system-industry-expert-says/2011/11/18/gIQAgmTZYN_blog.html

Foreign hackers caused a pump at an Illinois water plant to fail last week, according to a preliminary state report. Experts said the cyber-attack, if confirmed, would be the first known to have damaged one of the systems that supply Americans with water, electricity and other essentials of modern life.
...
Federal officials confirmed that the FBI and the Department of Homeland Security were investigating damage to the water plant but cautioned against concluding that it was necessarily a cyber-attack before all the facts could be learned. *“At this time there is no credible corroborated data that indicates a risk to critical infrastructure entities or a threat to public safety,”* said DHS spokesman Peter Boogaard.
...
Dave Marcus, director of security research for McAfee Labs, said that the computers that control critical systems in the United States are vulnerable to attacks that come through the Internet, and few operators of these systems know how to detect or defeat these threats. “So many are ill-prepared for cyber-attacks,” Marcus said.


----------



## jollyjacktar (19 Nov 2011)

It's the wave of the future.  Look what it did to the Iranians.  I'm sure there are plenty who want to throw a monkey wrench into the gear boxes here as well.


----------



## Fatalize (19 Nov 2011)

Kinda scary seeing how far cyber warfare has come.


----------



## cupper (25 Nov 2011)

Here's an update, looks like it wasn't an attack by foreign hackers, just as the DHS said.

http://www.washingtonpost.com/world/national-security/water-pump-failure-in-illinois-wasnt-cyberattack-after-all/2011/11/25/gIQACgTewN_story.html?hpid=z3

A water-pump failure in Illinois that appeared to be the first foreign cyberattack on a public utility in the United States was in fact caused by a plant contractor traveling in Russia, according to a source familiar with a federal investigation of the incident.

Investigators analyzed log files and connections to foreign Internet protocol addresses within the utility’s computer system, said the source, who was not authorized to speak for attribution. “No indictors of malicious activity were found” in the computer system of the Curran-Gardner Townships Public Water District in Springfield, the source said.

The contractor, who had remote access to the computer system, was in Russia on personal business, the source added.

The suspicion of foreign hacking was raised in a preliminary report by the Illinois Statewide Terrorism and Intelligence Center that was obtained by a control systems industry expert. The expert, Joe Weiss, alerted the news media to the suspected intrusion.

But officials at the Department of Homeland Security, which oversees industrial control system cybersecurity, cautioned from the outset that the report contained “no credible, corroborated data.”

The water pump in question had been experiencing problems, turning on and off and eventually failing, water district board members said. The pump has malfunctioned several times in recent years, a DHS official said.

DHS was alerted to the Illinois report on Nov. 16 and at the water district’s request, on Sunday sent a team of industrial control system experts to the water plant to investigate, according to a DHS bulletin. FBI officials also took part in the inquiry, which included interviewing personnel and collecting logs for analysis. The agencies concluded that there was no malicious or unauthorized traffic from Russia, as stated in the preliminary Illinois report.

Plant and federal officials are still investigating the cause of the pump’s failure.


----------

