DHS Denies Cyber Attack Caused Water Pump Failure

Steve McCaskill,

The DHS claims that cyber attackers did not gain control of SCADA systems at a water utility company

Federal investigators have concluded that hacking was not the cause of a water pump failure earlier this month in Springfield, Illinois, as previously thought.

Earlier this week it had been reported that hackers had breached the network at a water utility company and gained remote access to its control systems.

False Alarm

According to reports, a water district employee noticed supervisor control and data acquisition (SCADA) systems kept turning on and off, causing the attached water pump to burn out. It was claimed that the IP address used in the attack came from Russia, although the use of proxies and routing techniques meant that it was impossible to confirm the attack came from there.

A spokesman for the Department of Homeland Security (DHS), Chris Ortman, said that after a detailed investigation, the DHS and FBI found no evidence of a cyber attack.

“There is no evidence to support claims made in initial reports, which were based on raw, unconfirmed data and subsequently leaked to the media, that any credentials were stolen, or that the vendor was involved in any malicious activity that led to a pump failure at the water plant,” said Ortman, “In addition, DHS and FBI have concluded that there was no malicious traffic from Russia or any foreign entities, as previously reported.”

Conflicting reports

The story was broken in a blog post by security expert Joe Weiss who noted that the incident hadn’t been disclosed by the Water Information Sharing and Analysis Centre, DHS, any government or industry agency or even the water utility companies themselves.

Weiss has since posted a new blog defending his earlier entry, stating it was based on a formal disclosure by the Illinois State Terrorism and Intelligence Centre. However a senior DHS official told CNN, “The reports were intended to be initial raw reporting and not conclusive in nature.”

The DHS has previously warned that hackers could potentially gain control of Chinese weapon systems, but has dismissed the threat of an attack by hactivist collective Anonymous for the time being, However the US recently participated in an exercise with the European Union that simulated a potential attack on SCADA systems.