Home Security The Illinois SCADA hack: DHS said it never happened

Earlier today an official message from DHS and FBI asserted that despite reports to the contrary, there was no intrusion at the Illinois water treatment facility.

iTWire previously reported about two control systems in the US being breached.

According to a message to the official ICS-CERT (Industrial Control Systems-Computer Emergency Response Team) mailing list about 12 hours ago, both the FBI and the DHS are adamant no such breach occurred.  The message also confirms the previously unnamed water authority to be the Curran-Gardner Public Water District as claimed in our previous report.

With no further detailed information, one is left with the assumption that after the pump motor burned out someone jumped to the conclusion that "the hackers did it."  Possibly to divert attention from a mistake!

From the ICS-CERT message:

Sent: Tuesday, November 22, 2011 05:38 PM Eastern Standard Time
Subject: UPDATE - Recent Incidents Impacting Two Water Utilities

Greetings:
After detailed analysis, DHS and the FBI have found no evidence of a cyber intrusion into the SCADA system of the Curran-Gardner Public Water District in Springfield, Illinois.

There is no evidence to support claims made in the initial Fusion Center report - which was based on raw, unconfirmed data and subsequently leaked to the media - that any credentials were stolen, or that the vendor was involved in any malicious activity that led to a pump failure at the water plant.  In addition, DHS and FBI have concluded that there was no malicious or unauthorized traffic from Russia or any foreign entities, as previously reported.  Analysis of the incident is ongoing and additional relevant information will be released as it becomes available.


The ICS-CERT message continues by agreeing that the second breach, in the City of South Houston's water management system did indeed appear to be real.

iTWire can confirm that we have been in contact with the claimed South Houston intruder, who goes by the name of pr0f and his claims do seem real.  This appears to be confirmed by other outlets (Sophos for instance) who have also been in contact with him.

 

This is the remainder of the email:

In a separate incident, a hacker recently claimed to have accessed an industrial control system responsible for water supply at another U.S. utility. The hacker posted a series of images allegedly obtained from the system. ICS-CERT is assisting the FBI to gather more information about this incident.

ICS-CERT has not received any additional reports of impacted manufacturers of ICS or other ICS related stakeholders related to these events. If DHS ICS-CERT identifies any information about possible impacts to additional entities, it will disseminate timely mitigation information as it becomes available. ICS-CERT encourages those in the industrial control systems community who suspect or detect any malicious activity against/involving control systems to contact ICS-CERT.

Regards,
ICS-CERT

 

CDAO SYDNEY TURNS 5 IN 2019

With 50+ Speakers, 300+ senior data and analytics executives, over 3 exciting days you will indulge in all things data and analytics before leaving with strategic takeaways that will catapult you ahead on your journey

· CDAO Sydney is designed to bring together senior executives in data and analytics from progressive organisations
· Improve operations and services
· Future proof your organisation in this rapidly changing technological landscape
· CDAO Sydney 2-4 April 2019
· Don’t miss out! Register Today!
· Want to find out more? Download the Agenda

REGISTER HERE!

LEARN HOW TO REDUCE YOUR RISK OF A CYBER ATTACK

Australia is a cyber espionage hot spot.

As we automate, script and move to the cloud, more and more businesses are reliant on infrastructure that has the high potential to be exposed to risk.

It only takes one awry email to expose an accounts’ payable process, and for cyber attackers to cost a business thousands of dollars.

In the free white paper ‘6 Steps to Improve your Business Cyber Security’ you’ll learn some simple steps you should be taking to prevent devastating and malicious cyber attacks from destroying your business.

Cyber security can no longer be ignored, in this white paper you’ll learn:

· How does business security get breached?
· What can it cost to get it wrong?
· 6 actionable tips

DOWNLOAD NOW!

 

Popular News

 

Telecommunications

 

Sponsored News

 

 

 

 

Connect