Tuesday, November 22, 2011

DHS - FBI Say No Cyber Intrusion at Illinois Water Utility 11/22/2011 San Francisco - By John McNabb *

Federal authorities today issued a statement that they found no credible evidence that a previously reported incident of cyber hacking against a public water treatment facility in Illinois had occurred. The statement, issued at 5:30 pm (ET) today reads verbatim, as follows:

John McNabb of Infrastructure Security Labs

After detailed analysis, DHS and the FBI have found no evidence of a cyber intrusion into the SCADA system of the Curran-Gardner Public Water District in Springfield, Illinois.

There is no evidence to support claims made in the initial Fusion Center report - which was based on raw, unconfirmed data and subsequently leaked to the media - that any credentials were stolen, or that the vendor was involved in any malicious activity that led to a pump failure at the water plant.  In addition, DHS and FBI have concluded that there was no malicious traffic from Russia or any foreign entities, as previously reported.

Analysis of the incident is ongoing and additional relevant information will be released as it becomes available.”

In the initial reporting on this incident, an unidentified alleged foreign hacker had ostensibly damaged a pump at the Illinois water utility. This reported incident, and the subsequent hacking of a South Houston wastewater facility to show how easily it could be done, resulted in dozens of news stories, blogs, and commentary worldwide.

This wide scale reporting, although now factually proven incorrect by the competent federal agencies, brought needed attention to the vulnerability of public drinking water facilities to attacks by malicious hackers.  Just because this Illinois incident was not the real thing does not diminish the fact that drinking water facilities are vulnerable to cyber attack. Far more needs to be done, both by government and industry, to properly secure this critical infrastructure.

             * John McNabb is Principal of Infrastructure Security Labs, which researches security of critical infrastructures. He was an elected Water Commissioner for a small New England drinking water utility for 13 years. His current research focuses primarily on security of drinking water infrastructure. He has presented papers at Defcon 18 (Cyberterrorism and the Security of the National Drinking Water Infrastructure), Defcon 19, Black Hat, and ShmooCon. Among his works is a chapter on drinking water security in the book Weapons of Mass Destruction and Terrorism, 2nd Edition (McGraw-Hill, 2012). He can be reached at

Web Analytics