Reply to topic  [ 8 posts ] 
Russian Hackers Breach Springfield, Ill. Water Utility 
Author Message
What's a life?
User avatar

Joined: Thu Apr 23, 2009 7:56 pm
Posts: 12030
Reply with quote
Quote:
Apparently, Russian hackers are targeting Springfield, Illinois's water. According to Wired's "Threat Level," last week a group of hackers breached the Springfield, Illinois water utility system and remotely destroyed a water pump.

The breach was discovered on November 8, when an employee noticed a problem with the Supervisory Control and Data Acquisition System (SCADA). The problem caused the water pump to burn out after being continuously turned on and off. The Department of Homeland Security's Industrial Control System-Cyber Emergency Response Team, when queried by reporters, revealed that a utility company in Springfield, Illinois was hacked.

The details beyond that are hazy. As Wired pointed out, one of Springfield's water utility companies is City Water, Light and Power. A spokeswoman at the company denied that an incident had occurred there, and suggested that it may have happened to systems managed by another utility company, Curran-Gardner Public Water District. Curran-Gardner refused to comment.

The Illinois Statewide Terrorism and Intelligence Center released a "Public Water District Cyber Intrusion" report on November 10 that indicates that hackers may have had access to the system since September. Hackers using Russian IP addresses hacked the software vendor that makes the system. They were then able to access the vendor's database of usernames and passwords, and used the stolen credentials for remote access to the SCADA system's network. These vendors keep records of their customer's access information for maintenance and upgrading the systems.

Two to three months before the discovery of the hack, operators noticed "glitches" in the remote access to the SCADA system. "They just figured it's part of the normal instability of the system," said Joe Weiss, cybersecurity expert and managing partner at Applied Control Solutions, who obtained a copy of the report. "But it wasn't until the SCADA system actually turned on and off that they realized something was wrong."

The vendor is located in the United States, and Weiss worries about what other systems are at risk. "One thing that is important to find out is whose SCADA system this is," he said. "If this is a [big software vendor], this could be so ugly, because a biggie would have not only systems in water utilities but a biggie could even be [used] in nukes." Weiss discussed the breach yesterday on his blog, calling for better coordination and disclosure from government organizations. Because of this lack of coordination and disclosure, Weiss wrote, other water utilities were not aware of the breach, and their own vulnerability to cyber attacks. It may not be one of the biggest data thefts in history, but it's certainly one of the more odd.


http://www.popsci.com/technology/article/2011-11/russian-hackers-breach-springfield-illinois-water-utility-destroy-pump

There's a link there to the wired.com page - it's blocked at work so meh.

_________________
www.alexsmall.co.uk

Charlie Brooker wrote:
Windows works for me. But I'd never recommend it to anybody else, ever.


Mon Nov 21, 2011 4:04 pm
Profile
Site Admin
User avatar

Joined: Fri Apr 24, 2009 6:12 am
Posts: 7011
Location: Wiltshire
Reply with quote
http://www.bbc.co.uk/news/technology-15817335
Try Here.

_________________
<input type="pickmeup" name="coffee" value="espresso" />


Mon Nov 21, 2011 6:20 pm
Profile WWW
What's a life?
User avatar

Joined: Fri Apr 24, 2009 10:21 am
Posts: 12700
Location: The Right Side of the Pennines (metaphorically & geographically)
Reply with quote
Question. Why is a water pumping station hooked up to the internet anyway. Surely there were ways to remote control pumps etc before the internet came along?

_________________
pcernie wrote:
'I'm going to snort this off your arse - for the benefit of government statistics, of course.'


Mon Nov 21, 2011 7:17 pm
Profile WWW
What's a life?
User avatar

Joined: Thu Apr 23, 2009 7:56 pm
Posts: 12030
Reply with quote
Probably by having someone there 24/7 by the phone.

_________________
www.alexsmall.co.uk

Charlie Brooker wrote:
Windows works for me. But I'd never recommend it to anybody else, ever.


Mon Nov 21, 2011 7:22 pm
Profile
What's a life?
User avatar

Joined: Thu Apr 23, 2009 8:25 pm
Posts: 10691
Location: Bramsche
Reply with quote
Has Homer got a new job? :lol:

_________________
"Do you know what this is? Hmm? No, I can see you do not. You have that vacant look in your eyes, which says hold my head to your ear, you will hear the sea!" - Londo Molari

Executive Producer No Agenda Show 246


Tue Nov 22, 2011 5:08 am
Profile ICQ
Site Admin
User avatar

Joined: Fri Apr 24, 2009 6:12 am
Posts: 7011
Location: Wiltshire
Reply with quote
l3v1ck wrote:
Question. Why is a water pumping station hooked up to the internet anyway. Surely there were ways to remote control pumps etc before the internet came along?

Its the norm I'm afraid.

_________________
<input type="pickmeup" name="coffee" value="espresso" />


Tue Nov 22, 2011 7:22 am
Profile WWW
I haven't seen my friends in so long
User avatar

Joined: Thu Apr 23, 2009 9:43 pm
Posts: 5048
Reply with quote
Not sure where my head is at, I thought a bunch of prostitutes had attacked.

_________________
Fogmeister I ventured into Solitude but didn't really do much.
jonbwfc I was behind her in a queue today - but I wouldn't describe it as 'bushy'.


Tue Nov 22, 2011 7:49 am
Profile
What's a life?
User avatar

Joined: Fri Apr 24, 2009 10:21 am
Posts: 12700
Location: The Right Side of the Pennines (metaphorically & geographically)
Reply with quote
Hmmm. Apparently it didn't happen.
CLICKY
Quote:
Federal officials said there's no evidence to support a report that hackers destroyed a pump used by an Illinois-based water utility after gaining unauthorized access to the computer system it used to operate its machinery.

_________________
pcernie wrote:
'I'm going to snort this off your arse - for the benefit of government statistics, of course.'


Wed Nov 23, 2011 6:06 am
Profile WWW
Display posts from previous:  Sort by  
Reply to topic   [ 8 posts ] 

Who is online

Users browsing this forum: No registered users and 11 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum

Search for:
Jump to:  
Powered by phpBB® Forum Software © phpBB Group
Designed by ST Software.