Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

ICS/OT

DHS Downplays SCADA Breach at U.S. Water Utility

SCADA

DHS Downplays SCADA Breach That Destroyed Pump at Water Utility, Saying No Credible Corroborated Data at This Time

SCADA

DHS Downplays SCADA Breach That Destroyed Pump at Water Utility, Saying No Credible Corroborated Data at This Time

Reports on Thursday emerged that after gaining unauthorized access, hackers have destroyed a pump used by a US water utility in Springfield, Illinois. The report comes from an interview given to them by, Applied Control Solutions’ Joe Weiss, who learned of the incident from a report issued by the state’s government.

Weiss told The Register that over a period of about two to three months, the attackers targeted the pump itself or the SCADA system controlling it, and destroyed it by causing one of the two to turn on and off repeatedly. Weiss got his information from a report that was released two days after the attack was discovered.

According to what little information Weiss placed in the public, as seen here, in addition to the broken pump, it’s possible “the SCADA software vendor was hacked and customer usernames and passwords stolen…It is unknown if other water system SCADA users have been attacked.”

“The disclosure was made by a state organization, but has not been disclosed by the Water ISAC, the DHS Daily unclassified report, the ICS-CERT, etc. Consequently, none of the water utilities I have spoken to were aware of it.”

In his interview with The Register’s Dan Goodin, Weiss continued, “This is really a big deal, and what’s just as big a deal is what isn’t being said or isn’t being done. What the hell is going on with DHS? Why aren’t people being notified?”

But the DHS is aware of what’s going on, at least according to spokesman Peter Boogaard, who said they have no credible corroborated data, but they are investigating. “DHS and the FBI are gathering facts surrounding the report of a water pump failure in Springfield Illinois. At this time there is no credible corroborated data that indicates a risk to critical infrastructure entities or a threat to public safety,” he said in a prepared statement.

In a separate interview with CNET, Weiss disputed the DHS’ official stance.

Advertisement. Scroll to continue reading.

Related Reading: Industrial Control Systems Security One Year After Stuxnet

Related Reading: Bridging the Air Gap: Examining Attack Vectors into Industrial Control Systems

Related Reading: Are Industrial Control Systems Secure?

Related Reading: How to Make the Smart Grid Smarter than Cyber Attackers

Related Reading: The Increasing Importance of Securing The Smart Grid

Related Reading: Stuck on Stuxnet – Are Grid Providers Prepared for Future Assaults?

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

People on the Move

Former DoD CISO Jack Wilmer has been named CEO of defensive and offensive cyber solutions provider SIXGEN.

Certificate lifecycle management firm Sectigo has hired Jason Scott as its CISO.

The State of Vermont has appointed John Toney as the state’s new CISO.

More People On The Move

Expert Insights

Related Content

Artificial Intelligence

ChatGPT is increasingly integrated into cybersecurity products and services as the industry is testing its capabilities and limitations.

Compliance

Government agencies in the United States have made progress in the implementation of the DMARC standard in response to a Department of Homeland Security...

ICS/OT

The overall effect of current global geopolitical conditions is that nation states have a greater incentive to target the ICS/OT of critical industries, while...

Network Security

Attack surface management is nothing short of a complete methodology for providing effective cybersecurity. It doesn’t seek to protect everything, but concentrates on areas...

CISO Strategy

Cybersecurity-related risk is a top concern, so boards need to know they have the proper oversight in place. Even as first-timers, successful CISOs make...

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...