An unknown team of hackers recently destroyed a pump owned by a US water utility after accessing the industrial control system used to operate its machinery.
According to security researcher Joe Weiss, the IP address of the digital infiltrators was traced back to a Russian network.
“It is believed the supervisory control and data acquisition (SCADA) software vendor was hacked and customer usernames and passwords stolen. [However], it is unknown if other water system SCADA users have been attacked,” Weiss wrote in a blog post.
“[In addition], minor glitches were observed in remote access to the SCADA system for 2-3 months before it was identified as a cyber attack. There was [definite] damage – the SCADA system was powered on and off, burning out a water pump.”
Although Weiss initially declined to name the location of the affected utility, a subsequent statement issued by the US Department of Homeland Security (DHS) seemed to confirm the compromised facility is located in the city of Springfield, Illinois.
“DHS and the FBI are gathering facts surrounding the report of a water pump failure in Springfield Illinois,” the department wrote in an e-mail sent to The Register.
“At this time there is no credible corroborated data that indicates a risk to critical infrastructure entities or a threat to public safety.”
Unsurprisingly, Weiss seemed unimpressed with the way the breach was being handled by authorities and emphasized that until the perpetrators were identified, there was no way of knowing what their true motives are.
“This is really a big deal, and what’s just as big a deal is what isn’t being said or isn’t being done,” Weiss told The Register. “What the hell is going on with DHS? Why aren’t people being notified?”