Skip to content

Business

Water systems hacked in Illinois and Texas

by Michael Clark 23 Nov 2011
Water systems hacked in Illinois and Texas

Water pumping station via Shutterstock

The Illinois Statewide Terrorism and Intelligence Center revealed last week that earlier this month a hacker shut down a pump at a central Illinois water utility serving 2,200 customers. The event is a stark reminder of the vulnerability of our critical infrastructure, most of which is operated via remote software called SCADA, to cyber attack.

The attack, which appears to have originated in Russia, seems to be the first foreign cyber attack on US critical infrastructure. The event highlights the double edged nature of an increasingly automated water distribution infrastructure: on the one hand, advanced SCADA systems have increased operational efficiency; on the other, public health and safety is at risk to cyber attacks.

The water utility in question has not been named, only described as a small rural utility in central Illinois. The attackers gained access to the utility's system by lifting passwords from a SCADA software development company, and began cycling a water pump off and on until it failed, on November 8. Back up pumps activated automatically, preventing disruption of water service.

The FBI and Department of Homeland Security are investigating the incident. A bit absurdly, DHS has downplayed the attack, stating that 'there is no credible corroborated data that indicates a risk to critical infrastructure entities or a threat to public safety.' This notion did not sit well with a hacker called Prof, who posted on Pastebin a scathing rebuke of what he considers the malaise with which the DHS is responding to the event and critical infrastructure protection in general. He writes: "I dislike, immensely, how the DHS tend to downplay how absolutely f***** the state of national infrastructure is."

To prove the vulnerability of SCADA systems and twist the proverbial blad, he claimed to have accessed the South Houston Wastewater Department's SCADA system, posting screen shots of the software program to prove it. In a final twist, he says that the hack required 'no skill' and could be 'reproduced by a two year old.' The FBI and DHS are now also investigating this incident, the purpose of which, Prof claims, is to simply prove a point, not cause harm.

Representative Jim Langevin (D-R.I.), co-founder of the House Congressional Cybersecurity Caucus co-founder Jim Langevin (D-R.I.), and Prof are on the same page when it comes to their distaste for the seemingly lackadasical approach to combating cyber attacks at critical infrastructure facilities.

To The Hill, Rep. Langevin stated: "I'm greatly concerned about security of our critical infrastructure and its vulnerability to a cyber attack.....We have a lot of work to do and I don't think that the owners and operators of the electric grid in particular or water and sewer treatment plants are taking this threat seriously enough. But the potential attack that took place in Springfield, Illinois, should be a real wake-up call."

Rep. Langevin, in 2010, introduced a bill that would have created a National Office for Cyberspace which would 'oversee the security of agency information systems and infrastructure'. The bill passed the House but floundered in the Sentate. The EPA, who is tasked with the protection of water and wastewater infrastructure as the hauntingly Orwellian sounding Homeland Safety Presidential Directive 7, should be particularly interested in the goings on.

The embattled agency, which is likely seeing its budget cut, oversees the enforcement of various Homeland Security Directives applicable to water utilities as well as the Bioterrorism Act of 2002, which requires water utilities to prepare vulnerability assessments and develop plans to mitigate or prevent emergencies. As part of its responsibilities, EPA is required to develop what's known as a Sector Specific Plan for protecting the nation's water and wastewater infrastructure.

The latest version, published in 2010, mentions the development of a plan, called the Cybersecurity Roadmap, to enhance cybersecurity related to water and wastewater infrastructure. The Sector Specific Plan blandly states that the 'Water Sector is following the path laid out by Cybersecurity Roadmap', pointing out that several cycbersecurity workshops have been held. Workshops, however, do not make a secure SCADA infrastructure.

The incidents in Illinois and Texas should stimulate renewed focus on these cybersecurity efforts. Cyberattacks, after all, will likely grow, particularly as more systems become more automated. A key piece will be ensuring security alongside operational efficiency. Workshops may not be enough to ensure this happens. The release of the Stuxnet virus on Iranian nuclear infrastructure earlier this year, which has been linked to the US, stoked anxiety about retribution. Foreign attackers, emboldened by the use of cyber weapons by the US, would fight fire with fire and begin attacking US infrastructure. It appears this fear has come true, and the events of late indicate water is a prime and vulnerable target.


Trending Eco-Friendly Clothing

Love My Planet Women's Relaxed Fit Hoodie
Earth
Quick Add
Close
Notify me
Notify me
Love My Planet Women's Relaxed Fit Hoodie
Love My Planet women's eco-friendly relaxed fit hoodieSize Guide Centimeters 8 10 12 14 16 18 Bust 84 88 92 97 103 108 Waist 66 70 75 80 85 91 Hips 91 95 99 104 109 116 Bust: Measure around the fullest part of...
£38.00
£38.00
Close
Notify me
Notify me
Penguins Hate Push-Ups Men's Pullover Hoodie
Earth
Quick Add
Close
Notify me
Notify me
Penguins Hate Push-Ups Men's Pullover Hoodie
Penguins Hate Push-Ups men's eco-friendly pullover HoodieSize Guide Centimeters XS S M L XL XXL Height 171 175 179 183 189 195 Chest 86 93 99 104 116 129 Waist 71 76 81 89 99 112 Chest: Measure all round your chest just below...
£38.00
£38.00
Close
Notify me
Notify me
Lightning Bolt Kids Long Sleeve T-Shirt
Earth
Quick Add
Close
Notify me
Notify me
Notify me
Lightning Bolt Kids Long Sleeve T-Shirt
Lightning Bolt kids eco-friendly long sleeve t-shirtSize Guide Centimeters 3-4yrs 5-6yrs 7-8yrs 9-10yrs 11-12yrs Height 98 112 125 136 147 Chest 60 66 70 75 84 Chest: Measure all around your chest just below your armpits. Height: Your natural height If you fall between...
£18.00
£18.00
Close
Notify me
Notify me
Notify me
Union Jack Tote Bag
Earth
Quick Add
Close
Notify me
Notify me
Union Jack Tote Bag
Union Jack eco-friendly colour tote bagProduct Specification Organic Cotton Tote Bag. Twill Weave (170gsm). 37 x 42 cm (7cm gusset.) Made in India / Designed on the Isle of Wight. Wash Cool, Hang Dry.
£16.00
£16.00
Close
Notify me
Notify me
Prev Post
Next Post

Eco-Friendly Shop

Women's Clothing

Eco-Friendly Clothing for Women Our online shop offers a wide range of sustainable women’s clothing products, including t-shirts, hoodies, vests, sweaters, shorts, and...
Shop Now

Men's Clothing

Eco-Friendly Clothing for Men Our online shop offers a wide range of sustainable men’s clothing products, including t-shirts, hoodies, vests, sweaters, shorts, and...
Shop Now

Kids Clothing

Eco-Friendly Clothes for Kids Our online shop offers a wide range of sustainable kids clothing products, including t-shirts, hoodies and jumpers. Our garments...
Shop Now
Someone recently bought a
[time] ago, from [location]

Thanks for subscribing!

This email has been registered!

Shop the look

Choose Options

Earth Times
Sign up for exclusive updates, new arrivals & insider only discounts

Recently Viewed

Edit Option
Back In Stock Notification
this is just a warning
Login
Shopping Cart
0 items

Before you leave...

Take 20% off your first order

20% off

Enter the code below at checkout to get 20% off your first order

CODESALE20

Continue Shopping