FBI, DHS dismiss report of water plant hack

November 23, 2011

US investigators have dismissed a report that computer hackers were behind the failure of a water pump at a plant in the midwestern US state of Illinois.

Chris Ortman, a spokesman for the , said "detailed analysis" by DHS and the "found no evidence of a cyber intrusion" at the water facility in Springfield, Illinois.

"There is no evidence to support claims made in initial reports -- which were based on raw, unconfirmed data and subsequently leaked to the media -- that any credentials were stolen, or that the vendor was involved in any malicious activity that led to a pump failure at the water plant," he said.

"Analysis of the incident is ongoing and additional relevant information will be released as it becomes available," the DHS spokesman added.

Joe Weiss, an infrastructure control systems expert with consultant Applied Control Solutions, reported the alleged hacking attempt last week, citing a disclosure by the Illinois Statewide Terrorism and Intelligence Center (STIC).

According to Weiss, the disclosure by the state organization said a vendor of Supervisory Control and Data Acquisition (SCADA) software was hacked and customer usernames and passwords stolen.

There are about a dozen or so firms that make SCADA software, which is used to control machines in industrial facilities ranging from factories and to nuclear power and sewage plants.

The IP address of the attacker was traced back to Russia, Weiss cited the STIC disclosure as saying.

Ortman, the DHS spokesman, said, however, that the DHS and FBI "have concluded that there was no malicious traffic from Russia or any foreign entities, as previously reported."

Weiss, in a blog post late Tuesday, said the DHS statement "appears to conflict with the STIC report and its positive statements that an event had occurred."

"If DHS turns out to be correct in its assumptions, then anyone acting on the STIC warning would have been wasting precious resources addressing a problem that doesn't exist," Weiss said.

While dismissing the report of a hacking attack on the Illinois plant, a senior DHS official said the department and FBI were looking into a separate hacking claim at another US utility.

In that incident, a hacker claimed to have accessed an industrial control system responsible for water supply and posted images allegedly obtained from the system, the official said.

Explore further: Terrorism risk determines homeland security spending

Related Stories

Terrorism risk determines homeland security spending

June 5, 2008

A new study in Policy Studies Journal reveals that measures of terrorism risk are found to be positive determinants of Homeland Security funding, while measures of political influence and party affiliation of elected officials ...

Top US cybersecurity official quits

March 7, 2009

A top US cybersecurity official has quit, complaining in a resignation letter obtained by Wired magazine that US cyber protection efforts are being dominated by the super-secret National Security Agency (NSA).

No apparent Stuxnet impact in US: cyber official

December 7, 2010

Computer software targeted by Stuxnet is used in US infrastructure but the virus does not appear to have affected any systems in the United States, a US cybersecurity official said Tuesday.

Recommended for you

Xbox gaming technology may improve X-ray precision

December 1, 2015

With the aim of producing high-quality X-rays with minimal radiation exposure, particularly in children, researchers have developed a new approach to imaging patients. Surprisingly, the new technology isn't a high-tech, high-dollar ...

Making 3-D imaging 1,000 times better

December 1, 2015

MIT researchers have shown that by exploiting the polarization of light—the physical phenomenon behind polarized sunglasses and most 3-D movie systems—they can increase the resolution of conventional 3-D imaging devices ...


Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.