NJ Water Plant Victim of ‘Terrorism’

Tuesday, November 22, 2011 @ 01:11 PM gHale

Water utilities are suffering from a flood of compromises as Homeland Security officials are meeting with officials to discuss potential sabotage at a New Jersey water and sewer plant.

West Milford’s Municipal Utility Authority (MUA) suffered a series of attacks since July in which power shut off, valves opened and a wood plank ended up in a sewage filtration system.

RELATED STORIES
Water Utilities Breached
Three Legs to SCADA Security
Standard for Security in Action at NSA
Survey: Users Abide by Security Policies

Jersey Environmental Solutions owner Eric Williams, who maintains the system, said the sabotage has caused residents in at least 60 homes to lose water pressure three times and resulted in numerous sewage spills.

The latest incident occurred Tuesday when sewage poured into the street near the MUA’s Bald Eagle facility after someone interfered with the switches for the pumps.

Williams said incidents “border on, or actually are, terrorism.”

This comes on the heels of two other plants suffering from cyber attacks.

There was a cyber attack reported on the water SCADA system at the Curran-Gardner Township Public Water District, in Illinois. In addition, a second water utility suffered from a hack attack in the City of South Houston.

The Curran-Gardner Township incident first came to light in an Illinois state cyber fusion notice dated Nov. 10 and then a security researcher filed a blog on the event and shared some information with Wired Magazine and KrebsOnSecurity:

“Sometime during the day of Nov. 8, 2011, a water district employee noticed problems with a SCADA system. An information technology service and repair company checked the computer logs of the SCADA system and determined the system had been remotely hacked into from an Internet provider address located in Russia…

“Over a period of 2-3 months, minor glitches have been observed in remote access to the water district’s SCADA system. Recently, the SCADA system would power on and off, resulting in the burnout of a water pump.”

One thought is the attackers breached the IT systems of the company that either manages or makes the SCADA systems used at Curran-Gardner and stole customer usernames and passwords. The attackers then used this information to infiltrate the Curran-Gardner SCADA system.

In the second incident, a hacker using the name “pr0f” or “@pr0f_srs” published information of a successful penetration of the South Houston Water Utility. This attacker used an unrelated technique to gain access to the water utility and then posted several screenshots of the control system on PasteBin.