Money Matters - Simplified

Hackers destroy Illinois water utility pump -- expert

DHS has confirmed the pump problem, but added that it is yet not verified whether it was the work of hackers.

In what is being seen as a cyber attack on a U.S. public utility, Joe Weiss, an industry security expert, reported that hackers, apparently from Russia, cracked into a critical computer system and damaged a water pump in central Illinois last week.

It appears that the hackers broke into the supervisory control and data acquisition (SCADA) software and stole “customer usernames and passwords,” Weiss, a managing partner at Applied Control Systems LLC, reported in his blog post.

Problems had been observed in remote access to the SCADA system in the past 2 to 3 months. And recently “there was damage – the SCADA system was powered on and off, burning out a water pump,” added Weiss.

The pump breakdown affected Springfield, Illinois, said the U.S. Department of Homeland Security (DHS).

DHS probing incident
DHS has confirmed the pump problem, but added that it is yet not verified whether it was the work of hackers.

While DHS claims its infrastructure is secure, a hacker named 'pr0f,' prompted by Boogaard's statement, posted several images on Pastebin on Friday showing “a really insecure system” in South Houston.

Peter Boogaard, deputy press secretary at the DHS, was quoted by Register as saying, “DHS and the FBI are gathering facts surrounding the report of a water pump failure in Springfield Illinois.

“At this time there is no credible corroborated data that indicates a risk to critical infrastructure entities or a threat to public safety.”

Hacker shows cracks in SCADA system
While DHS claims its infrastructure is secure, a hacker named 'pr0f,' prompted by Boogaard's statement, posted several images on Pastebin on Friday showing “a really insecure system” in South Houston.

The hacker wrote, “This was stupid. You know. Insanely stupid. I dislike, immensely, how the DHS tend to downplay how absolutely F**KED the state of national infrastructure is.”

'pr0f' assured that no machinery has been damaged. “I don't really like mindless vandalism. It's stupid and silly. On the other hand, so is connecting interfaces to your SCADA machinery to the Internet.”

“This required almost no skill and could be reproduced by a two year old with a basic knowledge of Simatic,” the hacker added.