March 29, 2024, 06:37:47 AM *
Welcome, Guest. Please login or register.

Login with username, password and session length
News: NEW CHILD BOARD CREATED IN THE POLITICAL SECTION FOR THE 2016 ELECTION
 
   Home   Help Login Register  
Pages: 1   Go Down
  Print  
Author Topic: US investigates cyber attack on Illinois water system(NOT A CYBER ATTACK)  (Read 1983 times)
0 Members and 1 Guest are viewing this topic.
MuffyBee
Former Moderator
Monkey Mega Star
*
Offline Offline

Posts: 44737



« on: November 18, 2011, 06:02:03 PM »

http://www.msnbc.msn.com/id/45359594/ns/technology_and_science-security/
US investigates cyber attack on Illinois water system
State report says stolen credentials used by hacker who was traced to Russia

November 18, 2011

Federal investigators are looking into a report that hackers managed to remotely shut down a utility's water pump in central Illinois last week, in what could be the first known foreign cyber attack on a U.S. industrial system.

The Nov. 8 incident was described in a one-page report from the Illinois Statewide Terrorism and Intelligence Center, according to Joe Weiss, a prominent expert on protecting infrastructure from cyber attacks.

The attackers obtained access to the water utility's network with credentials stolen from a company that makes software used to control industrial systems, according to the account obtained by Weiss. It did not explain the motive of the attackers.

He said that the same group may have attacked other industrial targets or be planning strikes using credentials stolen from the same software maker.

The U.S. Department of Homeland Security and the Federal Bureau of Investigation are examining the matter, said DHS spokesman Peter Boogaard.

 ::snipping2::

SCADA security
Cyber security experts said that the reported attack highlights the risk that attackers can break into what is known as Supervisory Control and Data Acquisition (SCADA) systems. They are highly specialized computer systems that control critical infrastructure — from water treatment facilities, chemicals plants and nuclear reactors to gas pipelines, dams and switches on train lines.

The issue of securing SCADA systems from cyber attacks made international headlines last year after the mysterious Stuxnet virus attacked a centrifuge at a uranium enrichment facility in Iran. Many experts say that was a major setback for Iran's nuclear weapon's program and attribute the attack to the United States and Israel.

In 2007, researchers at the U.S. government's Idaho National Laboratories identified a vulnerability in the electric grid, demonstrating how much damage a cyber attack could inflict on a large diesel generator.

Lani Kass, a former senior cyber policy adviser to the U.S. Joint Chiefs of Staff and the U.S. Air Force said that one day a real-life cyber attack on a U.S. SCADA system could lead to a major disaster.

"Many (SCADA systems) are old and vulnerable," said Kass. "There are no financial incentives for the utility owners to replace and secure these systems and the costs would be high."
More...
« Last Edit: December 21, 2011, 01:22:59 PM by MuffyBee » Logged

  " Everyone is entitled to his own opinion, but not his own facts."  - Daniel Moynihan
MuffyBee
Former Moderator
Monkey Mega Star
*
Offline Offline

Posts: 44737



« Reply #1 on: November 19, 2011, 08:58:19 AM »

http://www.pcmag.com/article2/0,2817,2396632,00.asp?google_editors_picks=true
Illinois Water Utility Pump Destroyed After Hack

A cyber attack on a Springfield, Ill. public water utility resulted in the destruction of one of its pumps, according to a security expert.

Joe Weiss, managing partner at Applied Control Systems LLC, said in a Thursday blog post that cyber scammers hacked a Supervisory Control And Data Acquisition (SCADA) software vendor and stole customer usernames and passwords. During the hack, however, the SCADA system was powered on and off, burning out a water pump, he said.

Department of Homeland Security spokesman Peter Boogaard said officials were investigating the incident.

"DHS and the FBI are gathering facts surrounding the report of a water pump failure in Springfield Illinois. At this time there is no credible corroborated data that indicates a risk to critical infrastructure entities or a threat to public safety," Boogaard said. "If DHS ICS-CERT identifies any information about possible impacts to additional entities, it will disseminate timely mitigation information as it becomes available."

Weiss said the IP address of the hacker was traced to Russia; it's currently unknown if any other systems were targeted. "Minor glitches were observed in remote access to the SCADA system for 2-3 months before it was identified as a cyber attack," he wrote.

However, Sean McGurk, former director of the National Cybersecurity and Communications Integration Center, told CNN that these types of attacks are routine.

"This is just one of many events that occur almost on a weekly basis," he said. "While it may be nice to speculate that it was caused by a nation-state or actor, it may be the unintended consequence of maintenance."

A hacker known as 'pr0f' begs to differ. He took issue with Boogaard's statement about there being no threat to public safety in the Illinois hack, posting on Pastebin what he said were internal documents from the water systems of South Houston, Nev.

"I'm not going to expose the details of the box. No damage was done to any of the machinery; I don't really like mindless vandalism. It's stupid and silly," pr0f wrote. "On the other hand, so is connecting interfaces to your SCADA machinery to the Internet. I wouldn't even call this a hack, either, just to say. This required almost no skill and could be reproduced by a two year old with a basic knowledge of Simatic."

In a blog post about both attacks, McAfee's analyst David Marcus said "it is really no more difficult to attack a SCADA network or system than it is to attack any other system."
More...
Logged

  " Everyone is entitled to his own opinion, but not his own facts."  - Daniel Moynihan
MuffyBee
Former Moderator
Monkey Mega Star
*
Offline Offline

Posts: 44737



« Reply #2 on: December 21, 2011, 01:22:24 PM »

http://www.washingtonpost.com/world/national-security/water-pump-failure-in-illinois-wasnt-cyberattack-after-all/2011/11/25/gIQACgTewN_story.html
Water-pump failure in Illinois wasn’t cyberattack after all
By Ellen Nakashima
November 25, 2011

A water-pump failure in Illinois was initially mistaken to be the first foreign cyberattack on a public utility in the United States because a plant contractor traveling in Russia remotely logged in to the plant’s computer system, according to a person familiar with a federal investigation of the incident.

Investigators analyzed log files and connections to foreign Internet protocol addresses within the utility’s computer system, said the source, who was not authorized to speak for attribution. “No indictors of malicious activity were found” in the computer system of the Curran-Gardner Townships Public Water District in Springfield, the source said.

More...
Logged

  " Everyone is entitled to his own opinion, but not his own facts."  - Daniel Moynihan
Pages: 1   Go Up
  Print  
 
Jump to:  

Use of this web site in any manner signifies unconditional acceptance, without exception, of our terms of use.
Powered by SMF 1.1.13 | SMF © 2006-2011, Simple Machines LLC
 
Page created in 4.093 seconds with 19 queries.