DHS Downplays SCADA Breach at U.S. Water Utility


DHS Downplays SCADA Breach That Destroyed Pump at Water Utility, Saying No Credible Corroborated Data at This Time



Reports emerged on Thursday that, after gaining unauthorized access, hackers destroyed a pump used by a US water utility in Springfield, Illinois. The reports stem from an interview given by Applied Control Solutions’ Joe Weiss, who learned of the incident from a report issued by the state’s government.

Weiss told The Register that over a period of about two to three months, the attackers targeted the pump itself or the SCADA system controlling it, and destroyed it by causing one of the two to turn on and off repeatedly. Weiss got his information from a report that was released two days after the attack was discovered.

According to what little information Weiss has made public, in addition to the broken pump, it’s possible “the SCADA software vendor was hacked and customer usernames and passwords stolen…It is unknown if other water system SCADA users have been attacked.”

“The disclosure was made by a state organization, but has not been disclosed by the Water ISAC, the DHS Daily unclassified report, the ICS-CERT, etc. Consequently, none of the water utilities I have spoken to were aware of it.”

In his interview with The Register’s Dan Goodin, Weiss continued, “This is really a big deal, and what’s just as big a deal is what isn’t being said or isn’t being done. What the hell is going on with DHS? Why aren’t people being notified?”

But the DHS is aware of what’s going on, at least according to spokesman Peter Boogaard, who said they have no credible corroborated data, but they are investigating. “DHS and the FBI are gathering facts surrounding the report of a water pump failure in Springfield Illinois. At this time there is no credible corroborated data that indicates a risk to critical infrastructure entities or a threat to public safety,” he said in a prepared statement.

In a separate interview with CNET, Weiss disputed the DHS’ official stance.
