Hackers 'hit' US water treatment systems
- 21 November 2011
- From the section Technology
Hackers are alleged to have destroyed a pump used to pipe water to thousands of homes in a US city in Illinois.
Hackers with access to the utility's network are thought to have broken the pump by turning it on and off quickly.
The FBI and Department for Homeland Security (DHS) are investigating the incident as details emerge of what could be a separate second attack.
Experts said the news revealed a growing interest in critical infrastructure by cyber criminals.
Information about the 8 November incident came to light via the blog of Joe Weiss who advises utilities on how to protect hardware against attack.
Mr Weiss quoted from a short report by the Illinois Statewide Terrorism and Intelligence Center which said hackers obtained access using stolen login names and passwords. These were taken from a company which writes control software for industrial systems.
The net address through which the attack was carried out was traced to Russia, according to Mr Weiss. The report said "glitches" in the remote access system for the pump had been noticed for months before the burn out, said Mr Weiss.
Peter Boogaard, A spokesman for the DHS, said it was gathering facts about the incident.
"At this time there is no credible corroborated data that indicates a risk to critical infrastructure entities or a threat to public safety," he said.
The comments by the DHS prompted a hacker using the handle "pr0f" to claim he had access to the control systems for a second US water utility.
He posted a document to the Pastebin website which purportedly contained links to screenshots of the internal control systems for a waste water treatment plant in South Houston.
The hacker's claims about their ability to penetrate the control systems have yet to be confirmed or denied by South Houston's Water and Sewer Department.
In an interview with the Threat Post website, Pr0f said the hack of the South Houston network barely deserved the name because only a three-character password had been used to protect the system.
The attacks are the latest in a series in which different hackers and groups have targeted so called Supervisory Control And Data Acquisition (SCADA) systems. These specialised computer systems are used to control equipment used to filter water, mix chemicals, distribute power and route trains and trams.
One of the best known SCADA attacks involved the Stuxnet worm which caused problems for Iran.
There were reports that the malware crippled centrifuges used in the nation's uranium enrichment program. Iran denied the claims saying that it had caught the worm before it reached its intended target.
Earlier this year, security researchers who investigated ways to attack SCADA systems were persuaded to cancel a public talk about their findings because of the "serious physical, financial impact these issues could have on a worldwide basis".
Lani Kass, a former adviser to the US Joint Chiefs of Staff on security issues, said America had to start doing more work to understand attacks on critical infrastructure.
"The going in hypothesis is always that it's just an incident or coincidence," she said. "And if every incident is seen in isolation, it's hard - if not impossible - to discern a pattern or connect the dots."
"Failure to connect the dots led us to be surprised on 9/11," she said.