FBI, DHS dismiss report of water plant hack

Nov 23, 2011

US investigators have dismissed a report that computer hackers were behind the failure of a water pump at a plant in the midwestern US state of Illinois.

Chris Ortman, a spokesman for the , said "detailed analysis" by DHS and the "found no evidence of a cyber intrusion" at the water facility in Springfield, Illinois.

"There is no evidence to support claims made in initial reports -- which were based on raw, unconfirmed data and subsequently leaked to the media -- that any credentials were stolen, or that the vendor was involved in any malicious activity that led to a pump failure at the water plant," he said.

"Analysis of the incident is ongoing and additional relevant information will be released as it becomes available," the DHS spokesman added.

Joe Weiss, an infrastructure control systems expert with consultant Applied Control Solutions, reported the alleged hacking attempt last week, citing a disclosure by the Illinois Statewide Terrorism and Intelligence Center (STIC).

According to Weiss, the disclosure by the state organization said a vendor of Supervisory Control and Data Acquisition (SCADA) software was hacked and customer usernames and passwords stolen.

There are about a dozen or so firms that make SCADA software, which is used to control machines in industrial facilities ranging from factories and to nuclear power and sewage plants.

The IP address of the attacker was traced back to Russia, Weiss cited the STIC disclosure as saying.

Ortman, the DHS spokesman, said, however, that the DHS and FBI "have concluded that there was no malicious traffic from Russia or any foreign entities, as previously reported."

Weiss, in a blog post late Tuesday, said the DHS statement "appears to conflict with the STIC report and its positive statements that an event had occurred."

"If DHS turns out to be correct in its assumptions, then anyone acting on the STIC warning would have been wasting precious resources addressing a problem that doesn't exist," Weiss said.

While dismissing the report of a hacking attack on the Illinois plant, a senior DHS official said the department and FBI were looking into a separate hacking claim at another US utility.

In that incident, a hacker claimed to have accessed an industrial control system responsible for water supply and posted images allegedly obtained from the system, the official said.

Explore further: Twitter tries to block images of Foley killing

add to favorites email to friend print save as pdf

Related Stories

Top US cybersecurity official quits

Mar 07, 2009

A top US cybersecurity official has quit, complaining in a resignation letter obtained by Wired magazine that US cyber protection efforts are being dominated by the super-secret National Security Agency (NSA).

Terrorism risk determines homeland security spending

Jun 05, 2008

A new study in Policy Studies Journal reveals that measures of terrorism risk are found to be positive determinants of Homeland Security funding, while measures of political influence and party affiliation of elected officials ...

No apparent Stuxnet impact in US: cyber official

Dec 07, 2010

Computer software targeted by Stuxnet is used in US infrastructure but the virus does not appear to have affected any systems in the United States, a US cybersecurity official said Tuesday.

Recommended for you

Twitter tries to block images of Foley killing

17 minutes ago

Twitter is trying to block the spread of gruesome images of the beheading of journalist James Foley by Islamic State militants, while a movement to deny his killers the publicity they crave is also gaining ...

User comments : 0