Feds: No Cyber Intrusion at IL Water Plant

Wednesday, November 23, 2011 @ 09:11 AM gHale


You can go by either saying, “It is better to be safe than sorry” or “You can only cry wolf so many times.”

Either way, after detailed analysis, DHS and the FBI have found no evidence of a cyber intrusion into the SCADA system of the Curran-Gardner Public Water District in Springfield, Illinois.

“There is no evidence to support claims made in the initial Fusion Center report – which was based on raw, unconfirmed data and subsequently leaked to the media – that any credentials were stolen, or the vendor was involved in any malicious activity that led to a pump failure at the water plant, according to a release sent out by the ICSJWG (Industrial Control Systems Joint Working Group).

RELATED STORIES
NJ Water Plant Victim of ‘Terrorism’
Water Utilities Breached
Three Legs to SCADA Security
Standard for Security in Action at NSA

“In addition,” the release said, “DHS and FBI have concluded that there was no malicious or unauthorized traffic from Russia or any foreign entities, as previously reported. Analysis of the incident is ongoing and additional relevant information will be released as it becomes available.”

In a separate incident, a hacker claimed to have accessed an industrial control system responsible for water supply at a utility in South Houston. The hacker posted a series of images allegedly obtained from the system. ICS-CERT is assisting the FBI to gather more information about this incident.

ICS-CERT has not received any additional reports of impacted manufacturers of ICS or other ICS related stakeholders related to these events.

Reports of three utilities getting hit in different regions of the U.S. hit the cyber street over the past few days.

The first cyber attack reported on the water SCADA system at the Curran-Gardner Township Public Water District, in Illinois. A second water utility suffered from a hack attack in the City of South Houston. While DHS was investigating a third incident at a New Jersey water and sewer plant.

West Milford’s Municipal Utility Authority (MUA) suffered a series of attacks since July in which power shut off, valves opened and a wood plank ended up in a sewage filtration system.

Jersey Environmental Solutions owner Eric Williams, who maintains the system, said the sabotage has caused residents in at least 60 homes to lose water pressure three times and resulted in numerous sewage spills.

The latest incident occurred Tuesday when sewage poured into the street near the MUA’s Bald Eagle facility after someone interfered with the switches for the pumps.

Williams said incidents “border on, or actually are, terrorism.”

The Curran-Gardner Township incident first came to light in an Illinois state cyber fusion notice dated Nov. 10 and then a security researcher filed a blog on the event and shared some information with Wired Magazine and KrebsOnSecurity:

In the second incident, a hacker using the name “pr0f” or “@pr0f_srs” published information of a successful penetration of the South Houston Water Utility. This attacker used an unrelated technique to gain access to the water utility and then posted several screenshots of the control system on PasteBin.



Leave a Reply

You must be logged in to post a comment.