UPDATE: Thanks to a reader, I was informed that the “hack” described here wasn’t a hack at all but rather a technician on vacation in Russia doing his job. You can read all the details here. I did originally put the term “hacked” in quotes because there was no confirmation. I stand by the fear mongering about the National infrastructure, however, because if your operation is attached to the Internet, it’s subject to risk.
A fascinating news story is being generated out of Illinois. A water plant has apparently been “hacked”. The water plant uses computers and software to control the flow of water. Those computers use what is called a SCADA network, supervisory control and data acquisition, to manage the systems that control various industrial processes.
This is big news because these SCADA networks are everywhere in our “infrastructure”. They are used to operate nuclear power plants, electric grids, and a whole host of other industrial processes. You may recall a story a while back about a computer virus known as Stuxnet being used to destroy the centrifuges used by Iran to make enriched uranium for nuclear bombs. That virus effectively told the SCADA system to speed up the centrifuges while at the same time having the system report “all normal” to the operators. The centrifuges spun so fast that they effectively destroyed themselves. The SCADA system, if operating properly, would have kept that from happening.
There has been a lot of talk in Washington about “cyber war” and “cyber terrorism”. The fear is that some dangerous person or persons would be able to access our “infrastructure” and cause a nuclear power plant to “meltdown” or have an electric grid shut down a whole city or some other impact that causes either horrific injuries and death or significant economic harm.
In order to access our “infrastructure”, the bad guys would probably need to get to the SCADA systems controlling it. That’s why this “incident” in Illinois is so troubling. If true, this may be the first time that a SCADA network in the United States has been effectively breached or hacked (at least the first we’ve heard about publicly).
How this one came to light is that a state “cyber fusion” notice dated November 10, 2011 was somehow obtained by a guy named Joe Weiss, who apparently works for a company that deals with security for SCADA systems. Mr. Weiss went public with the information via a blog post. In his post you can read between the lines that he’s a little upset that the Feds aren’t all over this.
He reports that someone stole usernames and passwords from a SCADA software vendor and used the stolen credentials to hack into the water plant’s SCADA network, meaning whoever they are, they probably have more than just this one… (someone better go chat with the “vendor” – soon)
Mr. Weiss also reports that the IP address of the hacker was traced to Russia. This may be too simplistic a conclusion because, like license plates for cars, IP addresses can be manipulated for the purpose of evading identification.
According to a CNN report, officials at the Department of Homeland Security are “looking into it” and have not concluded that it was in fact a hack that caused the issues at the water plant’s SCADA network.
This might all sound like tech-babble, but if it turns out that an industrial SCADA network was breached from outside the United States, then this is a very, very, very big deal. Our authorities should consider this a shot across our bow from somewhere.
I give Mr. Weiss a lot of credit for making this public. If nothing else it will hopefully spur our Congress to deal with these digital world issues as soon as possible.
PS – on the Washington thing… this is what makes me mad: Congress is all over “online piracy”, oh dear, someone watched Shrek 3 without paying for it… but they aren’t even close to dealing with the nation’s cyber infrastructure. Get your priorities straight!!!