Hackers destroy pump at U.S. water utility plant

By Lee Kaelin on November 18, 2011, 9:30 AM

Hackers have managed to destroy a water pump at a U.S. water utility plant after gaining access to the industrial control system (ICS) used to control the pump and other equipment, according to a state government report published on November 10.

The hackers, whose IP addresses were traced to Russia, breached the network of a company that makes SCADA (supervisory control and data acquisition) systems, stealing access to its customers' usernames and passwords. They then used this information to gain entry to the utility plant and operate a pump, turning it on and off until it burnt out and stopped functioning.

The report stated that the company had been observing minor glitches with the system in the two to three months prior to the incident.

"It is unknown, at this time, the number of SCADA usernames and passwords acquired from the software company's database and if any additional SCADA systems have been attacked as a result of this theft," said Joe Weiss, managing partner of Applied Control Systems when speaking to CNET about the report titled "Public Water District Cyber Intrusion."

He refused to give the location but a Homeland Security statement later confirmed it as being in Springfield, Illinois. The "DHS and the FBI are gathering facts surrounding the report of a water pump failure in Springfield Ill.," DHS spokesman Peter Boogaard said in a statement. "At this time there is no credible corroborated data that indicates a risk to critical infrastructure entities or a threat to public safety."

Weiss disagreed with the DHS saying "the statement is inconsistent with the report from the Illinois Statewide Terrorism and Intelligence Center Daily Intelligence Notes dated November 10, 2011, titled Public Water District Cyber Intrusion." He also published a brief statement about the report yesterday saying he wanted to raise awareness of the incident.

This latest intrusion re-ignites the hotly debated subject surrounding the general security resistance of networked control systems. Those manufacturing and installing ICS prefer the remote connections to push software updates, and to aid in debugging of problems. Nevertheless, having critical infrastructure exposed to the internet poses a very serious risk.

Last week former Presidential cybersecurity advisor, Richard Clarke shockingly stated that the U.S. computer networks are vulnerable to attack. He also commented that the U.S. should seek to more strongly punish attacks against the nation originating from China and Russia -- consistently two of the U.S.' biggest culprits of cyber-espionage.




User Comments: 23

Got something to say? Post a comment
lchu12 lchu12 said:

It has STARTED! Live free or DIE HARD! Did I get the name of the movie correct?

Guest said:

The death of the OPEN Internet is right around the corner.

Guest said:

Why are industrial control systems connected to the internet instead of firewalled, internal network?

captainawesome captainawesome said:

Hmm Springfield ey. Maybe it was just Homer?

gwailo247, TechSpot Chancellor, said:

On the bright side, five water utility plants in Russia failed without no US interference whatsoever.

Hopefully this finally prompts some additional security in our infrastructure. Out gov't is wasting trillions on other crap anyway, might as well steer some of that cash towards something actually important, not shovel-ready rural roads.

lchu12 lchu12 said:

Actually I hope we start funding our military for cyber warfare. Maybe cut our aid to *cough* Libya *cough* to fund it...

Mindwraith said:

lchu12 said:

Actually I hope we start funding our military for cyber warfare. Maybe cut our aid to *cough* Libya *cough* to fund it...

there are so many things wrong with that statement...

amstech amstech, TechSpot Enthusiast, said:

"At this time there is no credible corroborated data that indicates a risk to critical infrastructure entities or a threat to public safety."

Because breaking into an ICS system with premier security shows that the US security software is doing well and you have nothing to fear.

Ummmm.. Uhh. Mr. Uncle Sam, your public safety statement opposes what this article shows. Should we still believe you? Oh wait, America is full of people that let Uncle Sam form thier opinion, we should be fine.

Cough.

davimous said:

Most water treatment and distribution facilities are not manned 24 hours a day so workers normally have access through the internet. Then again there is nothing stopping someone from breaking into a facility like this and doing the damage manually. The real damage could be done at a wastewater treatment plant though.

NTAPRO NTAPRO said:

LOL Russia...

People just don't like the US

treetops treetops said:

What shit heads.

ramonsterns said:

treetops said:

What shit heads.

The Russians who did it or the company for keeping their systems open to the internet?

Guest said:

The hackers only gained access to the SCADA network, which is generally on the corporate network of the utility, NOT the industrial control network as the article might suggest. If they had access to the control network they could have easily shut down the whole plant.

bugejakurt said:

Pff... What a waste of people... Why don't they focus their efforts on work?

cliffordcooley cliffordcooley, TechSpot Paladin, said:

This latest intrusion re-ignites the hotly debated subject surrounding the general security resistance of networked control systems. Those manufacturing and installing ICS prefer the remote connections to push software updates, and to aid in debugging of problems. Nevertheless, having critical infrastructure exposed to the internet poses a very serious risk.

I can understand a need in having the infrastructure exposed to the Internet. What I can't understand is why there is no disconnect from the Internet and only connecting when the need arises.

Keeping an Internet connection alive is waving a red flag and suggesting "Here I am, break me if you can!".

Tedster Tedster, Techspot old timer....., said:

Execute these criminals

captaincranky captaincranky, TechSpot Addict, said:

See, the cold war's not over.

Guest said:

this is just bull sh!t propaganda right around the time they are pushing some stupid bill. It doesn't matter how much of security you have, The less and less allies and friends you have with all the stuff you're doing around the world you will always have enemies uncle sam. and it will never end unless you change our out look and foreign policies.

captaincranky captaincranky, TechSpot Addict, said:

this is just bull sh!t propaganda right around the time they are pushing some stupid bill. It doesn't matter how much of security you have, The less and less allies and friends you have with all the stuff you're doing around the world you will always have enemies uncle sam. and it will never end unless you change our out look and foreign policies.
Wouldn't this go over better at an Al-Qaeda website? Although, hearing yourself talk wouldn't be as satisfying there, now would it? Everybody would be saying the same thing as you. Oh wait, that would make you the one spouting propaganda....

Guest said:

this is exactly what I'm talking about. If anyone has an alternative opinion from what you think. you mark them as hostile and associate them to a terrorist organization. Let's not even talk about al sh!taki cus we all know who made osama bin ladin and his bunch of sh!t heads. I hope you learn from this instead of just accusing them of being a terrorist. if you go about things the way you do pretty soon even your mother will be al-Qaeda.

captaincranky captaincranky, TechSpot Addict, said:

this is exactly what I'm talking about. If anyone has an alternative opinion from what you think. you mark them as hostile and associate them to a terrorist organization. Let's not even talk about al sh!taki cus we all know who made osama bin ladin and his bunch of sh!t heads. I hope you learn from this instead of just accusing them of being a terrorist. if you go about things the way you do pretty soon even your mother will be al-Qaeda.
So then, if my mother dies a martyr, will she get 76 virgins in paradise? Would she have her choice of the sex of the virgins?

Guest said:

nah dude she doesn't have to die a martyr, she can just to go to Brazil and do all that.

captaincranky captaincranky, TechSpot Addict, said:

nah dude she doesn't have to die a martyr, she can just to go to Brazil and do all that.
Point taken. Just one thing though. Does that mean she'd have to learn to land the airliner, not just fly it......?

Load all comments...

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.