Hackers breached the network at a water utility in Springfield, Ill. and destroyed a pump, according to a post on the Wired Threat Level blog.
Cyber-attackers gained remote access into the control systems used by the city water utility in Springfield, Ill. on Nov. 8, a security expert told Wired. A water district employee noticed the supervisor control and data acquisition (SCADA) systems used in the facility kept turning on and off, causing the attached water pump to burn out, according to the report.
Joe Weiss, a managing partner of Applied Control Solutions, told Wired he learned of the incident from a Nov. 10 report issued by the Illinois Statewide Terrorism and Intelligence Center, a state government agency. The “Public Water District Cyber Intrusion” report did not name the compromised utility or the SCADA system vendor.
Weiss noted that the incident has not been disclosed by the Water Information Sharing and Analysis Center, the Department of Homeland Security’s Daily unclassified report, by the DHS Industrial Control System-Cyber Emergency Response Team or other government and industry security groups.
“None of the water utilities I have spoken to were aware of it,” Weiss said, noting the fact that the lack of notification was as “big a deal” as the attack itself.
The attack originated from IP addresses based in Russia, although with proxies and other routing technologies, that doesn’t necessarily mean the attackers were based out of that country. The intruders first hacked into the network of the vendor that makes the SCADA system used by the utility and stole customer usernames and passwords, Weiss posted on his blog. The stolen credentials were then used to remotely connect to the utility itself to target the equipment within the facility.
The attack is likely to have lasted for at least two to three months before it was discovered, since operators had noticed “glitches” in the system, the state report found. The nature of those glitches remained unclear.
It is also unknown whether other SCADA systems at other water utilities have been attacked, Weiss said.
“My gut tells me that there is greater targeting and wider compromise than we know about,” said David Marcus, director of security research at McAfee. Many of these infrastructure facilities do not have cyber-forensics and response procedures necessary to detect these cyber-intrusions, Marcus said.
DHS is currently investigating the incident and has not seen “credible corroborated data” that indicates there was a risk to critical infrastructure, the agency said in a statement.
The Stuxnet worm last year that damaged centrifuges in Iran’s nuclear facility spotlighted how vulnerable SCADA systems were to remote attack. “It is really no more difficult to attack a SCADA network or system than it is to attack any other system,” Marcus said. It just takes time, specialized knowledge and dedicated resources to develop the attack, much like any other threat vector, he said.
Many of these SCADA systems also don’t need to be connected to the Internet in the first place, Mike Geide, a senior security researcher at Zscaler ThreatLabZ, told eWEEK. To prevent these attacks the users, systems and software should have the least privilege necessary to complete the task and nothing else.
The report comes less than a day after Norway’s National Security Agency (NSM) reported that oil , gas and defense firms were hit by a series of sophisticated cyber-attacks. Industrial secrets and sensitive details about contract negotiations have been stolen, NSM said. At least 10 firms have been targeted in the attack in which user names, passwords, industrial drawings, contracts and documents were stolen and taken out of the country.
“We have to suppose that the actual number (of victims) is much higher, but that many (companies) have not been in contact” with authorities, the Norwegian agency said.
The attackers breached the networks using customized email messages sent to specific individuals in the organizations with malware attachments which managed to slip past anti-malware detection systems, according to NSM. The mail had been carefully crafted to look like legitimate messages and tailored for each individual target. They were sent while the companies were in the middle of negotiations over big contracts.
NSM said one group was likely behind all the attacks but did not provide any additional information.
AI thrives on data but feeding it the right data is harder than it seems. As enterprises scale their AI initiatives, they face the challenge of managing diverse data pipelines, ensuring proximity to insights, and supporting a growing range of workloads. In this episode, Corey Knowles speaks with Vrashank Jain, lead product manager for Dell’s AI Data Platform, about how businesses can overcome these hurdles with solutions that simplify data management, enhance performance, and unlock the full potential of their AI investments.
In this episode of eSpeaks, Jennifer Margles, Director of Product Management at BMC Software, discusses the transition from traditional job scheduling to the era of the autonomous enterprise.
eSpeaks’ Corey Noles talks with Rob Israch, President of Tipalti, about what it means to lead with Global-First Finance and how companies can build scalable, compliant operations in an increasingly uncertain world. They explore how automation, AI, and integrated platforms are helping finance teams tackle today’s biggest challenges, from cross-border compliance and FX volatility to […]
-
Latest News - Resources Resource HubsFeatured ResourcesLink to The Real AI Power Play: Who Controls Your Enterprise Data Layer? The Real AI Power Play: Who Controls Your Enterprise Data Layer?IT and data teams were promised that AI would make work easier. Instead, it's created new layers of complexity.Link to Building the Backbone of Agentic AI with Trusted, Context-Rich Data Building the Backbone of Agentic AI with Trusted, Context-Rich DataIn this 10-minute take video, Reltio Principal Solutions Consultant Guy Vorster explains how organizations can overcome fragmented data challenges to power AI agents.Link to IHG scales real-time, trusted data across global brands IHG scales real-time, trusted data across global brandsAccelerating time to value while powering data-driven engagementLink to Dell’s Vrashank Jain on The Data Problem That Could Break Your AIDell’s Vrashank Jain on The Data Problem That Could Break Your AI
AI thrives on data but feeding it the right data is harder than it seems. As enterprises scale their AI initiatives, they face the challenge of managing diverse data pipelines, ensuring proximity to insights, and supporting a growing range of workloads. In this episode, Corey Knowles speaks with Vrashank Jain, lead product manager for Dell’s AI Data Platform, about how businesses can overcome these hurdles with solutions that simplify data management, enhance performance, and unlock the full potential of their AI investments.
Link to BMC’s Jennifer Margules on Intelligent Enterprise OrchestrationBMC’s Jennifer Margules on Intelligent Enterprise OrchestrationIn this episode of eSpeaks, Jennifer Margles, Director of Product Management at BMC Software, discusses the transition from traditional job scheduling to the era of the autonomous enterprise.
Link to Global-First Finance: Building Scalable, Compliant Operations in an Uncertain WorldGlobal-First Finance: Building Scalable, Compliant Operations in an Uncertain WorldeSpeaks’ Corey Noles talks with Rob Israch, President of Tipalti, about what it means to lead with Global-First Finance and how companies can build scalable, compliant operations in an increasingly uncertain world. They explore how automation, AI, and integrated platforms are helping finance teams tackle today’s biggest challenges, from cross-border compliance and FX volatility to […]
-
Artificial Intelligence -
Video -
Big Data & Analytics -
Cloud -
Networking - Cybersecurity Cybersecurity
- Applications Applications
- IT Management IT Management
- Storage Storage
- Mobile Mobile
- Small Business Small Business
- Development Development
- Database Database
- Servers Servers
- Android Android
- Apple Apple
- Innovation Innovation
- PC Hardware PC Hardware
- Reviews Reviews
- Search Engines Search Engines
- Virtualization Virtualization
-
- Blogs Blogs
- Events Events