Hackers have managed to destroy a water pump at a U.S. water utility plant after gaining access to the industrial control system (ICS) used to control the pump and other equipment, according to a state government report published on November 10.
The hackers, whose IP addresses were traced to Russia, breached the network of a company that makes SCADA (supervisory control and data acquisition) systems, stealing access to its customers' usernames and passwords. They then used this information to gain entry to the utility plant and operate a pump, turning it on and off until it burnt out and stopped functioning.
The report stated that the company had been observing minor glitches with the system in the two to three months prior to the incident.
"It is unknown, at this time, the number of SCADA usernames and passwords acquired from the software company's database and if any additional SCADA systems have been attacked as a result of this theft," said Joe Weiss, managing partner of Applied Control Systems when speaking to CNET about the report titled "Public Water District Cyber Intrusion."
He refused to give the location but a Homeland Security statement later confirmed it as being in Springfield, Illinois. The "DHS and the FBI are gathering facts surrounding the report of a water pump failure in Springfield Ill.," DHS spokesman Peter Boogaard said in a statement. "At this time there is no credible corroborated data that indicates a risk to critical infrastructure entities or a threat to public safety."
Weiss disagreed with the DHS saying "the statement is inconsistent with the report from the Illinois Statewide Terrorism and Intelligence Center Daily Intelligence Notes dated November 10, 2011, titled Public Water District Cyber Intrusion." He also published a brief statement about the report yesterday saying he wanted to raise awareness of the incident.
This latest intrusion re-ignites the hotly debated subject surrounding the general security resistance of networked control systems. Those manufacturing and installing ICS prefer the remote connections to push software updates, and to aid in debugging of problems. Nevertheless, having critical infrastructure exposed to the internet poses a very serious risk.
Last week former Presidential cybersecurity advisor, Richard Clarke shockingly stated that the U.S. computer networks are vulnerable to attack. He also commented that the U.S. should seek to more strongly punish attacks against the nation originating from China and Russia – consistently two of the U.S.' biggest culprits of cyber-espionage.