Home » Illinois Water Hack Causes Confusion
Illinois Water Hack Causes Confusion
Was the tiny Curran-Gardner Townships Public Water District (www.currangardner.com) in downstate Illinois the victim of a foreign-based cyber attack or not? As of press time, that seems to be the question.
What we do know is this: The Illinois Statewide Terrorism and Intelligence Center reported that "Sometime during the day of Nov. 8, 2011, a water district employee noticed problems with a SCADA system. An information technology service and repair company checked the computer logs of the SCADA system, and determined the system had been remotely hacked into from an Internet provider address located in Russia…
"Over a period of 2-3 months, minor glitches have been observed in remote access to the water district's SCADA system. Recently, the SCADA system would power on and off, resulting in the burnout of a water pump."
No motive was given for the attack.
Don Craver, chairman of the Curran-Gardner Water District reported to ABC affiliate, WLS TV, Chicago, that "There's some indication there was a breach of some sort into a software program—the SCADA system—that allows remote access to the wells, and the pumps, and those sorts of things."
According to Joe Weiss, principal at Applied Control Systems and ControlGlobal.com's "Unfettered" security blog, the attackers obtained access to the network with credentials stolen from an unnamed SCADA vendor.
The problem is that the FBI and the DHS both have said that, after investigation, they do not believe such an attack occurred.
However, before anyone assumes that this whole issue is overblown, within days of the Curran-Gardner scare, a home-grown hacker calling himself "pr0f" or "@pr0f_srs" announced that he had hacked into the South Houston Water Utility in Texas, and he posted several screenshots of the system on the Internet.
Pr0f himself went public with the attack and explained his motives clearly—to demonstrate just how insecure such systems are. (Apparently South Houston's system was accessible via a simple, three-letter password.)
He said, "I'd like to go on record and say that the main reason I did what I did yesterday was essentially because I know I am not the only person with an interest in these systems. I also know I am not the only person who has explored them and read up on them. I don't think I am alone in suggesting that the gravity of the problem is more serious than ICS-CERT and similar [sic] are equipped to deal with. I'd love to see some real reform and discussions between the government, manufacturers of ICSs and people who use these systems happening, because there seems to be a huge disconnect between the parties involved."
Past Time to Upgrade Your DCS?
Upgrading Your DCS: Why You May Need to Do It Sooner Than You Think
Friday p.m. Wrap-Up:This Week on ControlGlobal and Elsewhere
Some of the week's biggest stories in process automation
What's Bad Weather Costing Us?
U.S. taxpayers paid nearly $100 billion responding to damages caused by last year’s extreme weather events associated with climate change, about $1,100 per taxpayer, according to an analysis by the Natural Resources Defense Council (NRDC).
BP, Shell, Statoil Raided by EC
European Commission investigators raided the offices of oil companies BP, Royal Dutch Shell and Statoil as well as data collector Platts as part of a larger inquiry into price manipulation of the global crude market.
Invensys' SimSci Suite 2013 Now with More Usability Features
Invensys releases SimSci Suite 2013, a DVD catalogue providing a single source for all of Invensys' current SimSci-Esscor design, operator training, simulation and optimization software
What We Can Learn About Safety from the Titanic Hearings
This report from the U.K. publication The Engineer is instructive. It reprints a report from the May, 1912 hearings on the sinking of the Titanic.
Honeywell Integrates and Certifies FMC722 Subsea Automation Protocol
The integration and certification of these solutions will boost the productivity of oil and gas field operators and engineers
Monsanto Muscatine named 2012 HART Plant of the Year
The HART Communication Foundation today announces that the Monsanto chemical manufacturing plant located in Muscatine, Iowa, USA, was selected as recipient of the 2012 HART Plant of the Year Award.
Siemens Gas Chromatograph Is ISA Product of the Year
Siemens Industry, Inc. has been awarded the prestigious ISA Analysis Division Product of the Year Award for 2013 for its Maxum edition II gas chromatograph featuring a new modular oven and color touch panel display.
IChemE Issues Call for Papers for Fall Conference
Scotland will host a new international symposium on the future of the oil and gas industry later this year, and papers are now being invited on key issues including shale gas, carbon management and the future of refining and petrochemicals in Europe.
- All news »
Access the entire print issue on-line and be notified each month via e-mail when your new issue is ready for you. Subscribe today.
- Featured White Papers