DHS denies a hacking operation, blaming the incident on pump failure

Nov 18, 2011 09:45 GMT

A public water utility company's network was attacked after a hacking operation that targeted a SCADA software vendor resulted in the theft of an unknown number of customer usernames and passwords.

Joe Weiss, an industry expert on control systems, reported in a blog post that the issue was not disclosed by the Water ISAC, the DHS, or the ICS-CERT, and that none of the other water utility companies were aware of the incident.

The targeted utility firm suffered multiple intermittent power failures, which led to a water pump burning out completely. Around 3-4 months before the cyberattack, the SCADA system showed minor glitches that may be connected to the incident.

Investigations revealed that, judging by the IP address that was used, the attack originated from Russia. That doesn't necessarily mean a Russian hacker is behind the operation, since computers in any country could have been compromised to launch the attack.

According to Weiss, the actions that should be taken as a result of the incident include the implementation of control system forensics, training and policies that cover the cybersecurity of such systems, better information sharing throughout the industry, and better coordination and disclosure by the government.

The DHS, on the other hand, claims that it is currently investigating the whole incident but assumes it's nothing but a pump failure, with no indications pointing to a cybercriminal operation, CNET reports.

Since water utility companies rely heavily on programmable logic controllers (PLCs), Weiss believes these components might have been targeted by the hackers.

"We don't have cyber forensics, so when they see [issues] they don't think it's a cyber problem. They just think it's a glitch in the system," Weiss says. "Why won't we have a cyber Pearl Harbor? Because we won't know it."