Federal investigators are looking into a report that hackers managed to remotely shut down a utility's water pump in central Illinois last week, in what could be the first known foreign cyber attack on a US industrial system. The Nov. 8 incident was described in a one-page report from the Illinois Statewide Terrorism and Intelligence Center, according to Joe Weiss, a prominent expert on protecting infrastructure from cyber attacks. The attackers obtained access to the network of a water utility in a rural community west of the state capital Springfield with credentials stolen from a company that makes software used to control industrial systems, according to the account obtained by Weiss. It did not explain the motive of the attackers. He said that the same group may have attacked other industrial targets or be planning strikes using credentials stolen from the same software maker. The US Department of Homeland Security and the Federal Bureau of Investigation are examining the matter, said DHS spokesman Peter Boogaard. “At this time there is no credible corroborated data that indicates a risk to critical infrastructure entities or a threat to public safety,” he said. Cyber security experts said that the reported attack highlights the risk that attackers can break into what is known as Supervisory Control and Data Acquisition (SCADA) systems. They are highly specialized computer systems that control critical infrastructure from water treatment facilities, chemicals plants and nuclear reactors to gas pipelines, dams and switches on train lines. Several media reports identified the location of the attack as Springfield. City officials said that was inaccurate. Don Craven, a lawyer and a trustee for the Curran-Gardner Township Public Water District, said late on Friday that the small water utility was aware that “something happened” but that he did not have much information on the matter. The district serves some 2,200 customers in a rural district West of Springfield. He said there was no interruption in service as the utility operates multiple pumps and wells. Its water comes from an aquifer underneath the Sangamon River. Craven said he did not know what software at the utility was involved but said he was confident that no customer records were compromised. He said he was mystified as to the reason hackers might have targeted the tiny district. Quoting from the one-page report, Weiss said it was not yet clear whether other networks had been hacked as a result of the breach at the US software maker. He said the manufacturer of that software keeps login credentials to the networks of its customers so that its staff can help them support those systems. “An information technology services and computer repair company checked the computer logs of the system and determined the computer had been hacked into from a computer located in Russia,” Weiss said. Workers at the targeted utility in central Illinois on Nov. 8 noticed problems with SCADA systems which manages the water supply system, and discovered that a water pump had been damaged, said Weiss, managing partner of Applied Control Solutions in Cupertino, California.
