Home Security The Illinois SCADA hack: DHS said it never happened

Earlier today an official message from DHS and FBI asserted that despite reports to the contrary, there was no intrusion at the Illinois water treatment facility.

iTWire previously reported about two control systems in the US being breached.

According to a message to the official ICS-CERT (Industrial Control Systems-Computer Emergency Response Team) mailing list about 12 hours ago, both the FBI and the DHS are adamant no such breach occurred.  The message also confirms the previously unnamed water authority to be the Curran-Gardner Public Water District as claimed in our previous report.

With no further detailed information, one is left with the assumption that after the pump motor burned out someone jumped to the conclusion that "the hackers did it."  Possibly to divert attention from a mistake!

From the ICS-CERT message:

Sent: Tuesday, November 22, 2011 05:38 PM Eastern Standard Time
Subject: UPDATE - Recent Incidents Impacting Two Water Utilities

Greetings:
After detailed analysis, DHS and the FBI have found no evidence of a cyber intrusion into the SCADA system of the Curran-Gardner Public Water District in Springfield, Illinois.

There is no evidence to support claims made in the initial Fusion Center report - which was based on raw, unconfirmed data and subsequently leaked to the media - that any credentials were stolen, or that the vendor was involved in any malicious activity that led to a pump failure at the water plant.  In addition, DHS and FBI have concluded that there was no malicious or unauthorized traffic from Russia or any foreign entities, as previously reported.  Analysis of the incident is ongoing and additional relevant information will be released as it becomes available.


The ICS-CERT message continues by agreeing that the second breach, in the City of South Houston's water management system did indeed appear to be real.

iTWire can confirm that we have been in contact with the claimed South Houston intruder, who goes by the name of pr0f and his claims do seem real.  This appears to be confirmed by other outlets (Sophos for instance) who have also been in contact with him.

 

This is the remainder of the email:

In a separate incident, a hacker recently claimed to have accessed an industrial control system responsible for water supply at another U.S. utility. The hacker posted a series of images allegedly obtained from the system. ICS-CERT is assisting the FBI to gather more information about this incident.

ICS-CERT has not received any additional reports of impacted manufacturers of ICS or other ICS related stakeholders related to these events. If DHS ICS-CERT identifies any information about possible impacts to additional entities, it will disseminate timely mitigation information as it becomes available. ICS-CERT encourages those in the industrial control systems community who suspect or detect any malicious activity against/involving control systems to contact ICS-CERT.

Regards,
ICS-CERT

 

FREE SEMINAR

Site24x7 Seminars

Deliver Better User Experience in Today's Era of Digital Transformation

Some IT problems are better solved from the cloud

Join us as we discuss how DevOps in combination with AIOps can assure a seamless user experience, and assist you in monitoring all your individual IT components—including your websites, services, network infrastructure, and private or public clouds—from a single, cloud-based dashboard.

Sydney 7th May 2019

Melbourne 09 May 2019

Don’t miss out! Register Today!

REGISTER HERE!

LEARN HOW TO REDUCE YOUR RISK OF A CYBER ATTACK

Australia is a cyber espionage hot spot.

As we automate, script and move to the cloud, more and more businesses are reliant on infrastructure that has the high potential to be exposed to risk.

It only takes one awry email to expose an accounts’ payable process, and for cyber attackers to cost a business thousands of dollars.

In the free white paper ‘6 Steps to Improve your Business Cyber Security’ you’ll learn some simple steps you should be taking to prevent devastating and malicious cyber attacks from destroying your business.

Cyber security can no longer be ignored, in this white paper you’ll learn:

· How does business security get breached?
· What can it cost to get it wrong?
· 6 actionable tips

DOWNLOAD NOW!

 

Popular News

 

Telecommunications

 

Guest Opinion

 

Sponsored News

 

 

 

 

Connect