It has been revealed that a water utility near Springfield, Illinois, was successfully attacked by hackers. The incident is now being investigated by US homeland security and FBI officials.
As a result of the attack, a water pump motor burn’t out when it was continuously switched on and off. This is the first time that a foreign hacker has successfully targeted a US industrial facility and gained access to controls. Fortunately for the people living in Illinois, who are dependent on the water from this pump, no supply issues were experienced. However, this hack has proven that the industrial facilities in the US can be breached and has prompted the US authorities to conduct a high-level investigation.
On the 8th November, a technician revealed that the system had been hacked from a computer in Russia. Joe Weiss, a cyber-security expert, made the incident public knowledge and summed up the attack in the Washington Post stating “This is a big deal.”
It has been reported in the US press that the hackers managed to compromise the companyís database by retrieving thee supervisory control and data acquisition (Scada) software. The hackers turned the Scada system on and off which resulted in the water pump motor burning out.
Peter Boogaard, the Homeland security spokesman, has told news agencies that officials have yet to confirm that the water pump burn out was a result of a cyber-attack. Boogaard stated. ďAt this time there is no credible corroborated data that indicates a risk to critical infrastructure entities or a threat to public safety.”
The Scada systems are vital to the functioning of the US industrial sector as they control water treatment facilities, railway switches, chemical plants and nuclear reactors. As a result of this, they are a prime target for attackers. The devastation that could be caused if the Scada systems are breached again could be on an unimaginable scale.
Scada Systems vulnerability was exposed last year when centrifuges at a uranium facility in Iran were attacked by Stuxnet. This is a virus which targets Scada Systems. US experts came to the conclusion that the virus Stuxnet increased the speed of uranium centrifuges to breaking point, while shutting off safety monitoring systems. Iranís president, Mahmoud Ahmadinejad, did confirm that the system had been breached and that the virus had “managed to create problems for a limited number of our centrifuges.”
In 2007, researchers at the US government’s Idaho National Laboratories identified a weakness in the electricity gridís defences and demonstrated the potential damage that a cyber-attacker could inflict on a large diesel generator.